Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-38490 (GCVE-0-2025-38490)
Vulnerability from cvelistv5
Published
2025-07-28 11:21
Modified
2025-07-28 11:21
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: libwx: remove duplicate page_pool_put_full_page()
page_pool_put_full_page() should only be invoked when freeing Rx buffers
or building a skb if the size is too short. At other times, the pages
need to be reused. So remove the redundant page put. In the original
code, double free pages cause kernel panic:
[ 876.949834] __irq_exit_rcu+0xc7/0x130
[ 876.949836] common_interrupt+0xb8/0xd0
[ 876.949838] </IRQ>
[ 876.949838] <TASK>
[ 876.949840] asm_common_interrupt+0x22/0x40
[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420
[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 <45> 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d
[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246
[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000
[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e
[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed
[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580
[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000
[ 876.949852] ? cpuidle_enter_state+0xb3/0x420
[ 876.949855] cpuidle_enter+0x29/0x40
[ 876.949857] cpuidle_idle_call+0xfd/0x170
[ 876.949859] do_idle+0x7a/0xc0
[ 876.949861] cpu_startup_entry+0x25/0x30
[ 876.949862] start_secondary+0x117/0x140
[ 876.949864] common_startup_64+0x13e/0x148
[ 876.949867] </TASK>
[ 876.949868] ---[ end trace 0000000000000000 ]---
[ 876.949869] ------------[ cut here ]------------
[ 876.949870] list_del corruption, ffffead40445a348->next is NULL
[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120
[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)
[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi
[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)
[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE
[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024
[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120
[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff <0f> 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8
[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282
[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000
[ 876.949942] RDX: 0000000000000105 RSI: 00000
---truncated---
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/wangxun/libwx/wx_lib.c",
"drivers/net/ethernet/wangxun/libwx/wx_type.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3c91a56762b1f0d1e4af2d86c2cba83b61ed9eaa",
"status": "affected",
"version": "3c47e8ae113a68da47987750d9896e325d0aeedd",
"versionType": "git"
},
{
"lessThan": "08d18bda0d03f5ec376929a8c6c4495f9594593a",
"status": "affected",
"version": "3c47e8ae113a68da47987750d9896e325d0aeedd",
"versionType": "git"
},
{
"lessThan": "003e4765d8661be97e650a833868c53d35574130",
"status": "affected",
"version": "3c47e8ae113a68da47987750d9896e325d0aeedd",
"versionType": "git"
},
{
"lessThan": "1b7e585c04cd5f0731dd25ffd396277e55fae0e6",
"status": "affected",
"version": "3c47e8ae113a68da47987750d9896e325d0aeedd",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/wangxun/libwx/wx_lib.c",
"drivers/net/ethernet/wangxun/libwx/wx_type.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.100",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.40",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.15.*",
"status": "unaffected",
"version": "6.15.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.100",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.40",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.15.8",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.16",
"versionStartIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T11:21:54.009Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3c91a56762b1f0d1e4af2d86c2cba83b61ed9eaa"
},
{
"url": "https://git.kernel.org/stable/c/08d18bda0d03f5ec376929a8c6c4495f9594593a"
},
{
"url": "https://git.kernel.org/stable/c/003e4765d8661be97e650a833868c53d35574130"
},
{
"url": "https://git.kernel.org/stable/c/1b7e585c04cd5f0731dd25ffd396277e55fae0e6"
}
],
"title": "net: libwx: remove duplicate page_pool_put_full_page()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-38490",
"datePublished": "2025-07-28T11:21:54.009Z",
"dateReserved": "2025-04-16T04:51:24.021Z",
"dateUpdated": "2025-07-28T11:21:54.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-38490\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-07-28T12:15:31.113\",\"lastModified\":\"2025-07-29T14:14:29.590\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: libwx: remove duplicate page_pool_put_full_page()\\n\\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\\nor building a skb if the size is too short. At other times, the pages\\nneed to be reused. So remove the redundant page put. In the original\\ncode, double free pages cause kernel panic:\\n\\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\\n[ 876.949836] common_interrupt+0xb8/0xd0\\n[ 876.949838] \u003c/IRQ\u003e\\n[ 876.949838] \u003cTASK\u003e\\n[ 876.949840] asm_common_interrupt+0x22/0x40\\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\\n[ 876.949855] cpuidle_enter+0x29/0x40\\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\\n[ 876.949859] do_idle+0x7a/0xc0\\n[ 876.949861] cpu_startup_entry+0x25/0x30\\n[ 876.949862] start_secondary+0x117/0x140\\n[ 876.949864] common_startup_64+0x13e/0x148\\n[ 876.949867] \u003c/TASK\u003e\\n[ 876.949868] ---[ end trace 0000000000000000 ]---\\n[ 876.949869] ------------[ cut here ]------------\\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: libwx: eliminar la p\u00e1gina duplicada page_pool_put_full_page(). page_pool_put_full_page() solo debe invocarse al liberar b\u00faferes Rx o al crear un skb si el tama\u00f1o es demasiado peque\u00f1o. En otros casos, es necesario reutilizar las p\u00e1ginas. Por lo tanto, se debe eliminar la p\u00e1gina redundante. En el c\u00f3digo original, las p\u00e1ginas doblemente libres provocan p\u00e1nico en el n\u00facleo:[ 876.949834] __irq_exit_rcu+0xc7/0x130 [ 876.949836] common_interrupt+0xb8/0xd0 [ 876.949838] [ 876.949838] [ 876.949840] asm_common_interrupt+0x22/0x40 [ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420 [ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u0026lt;45\u0026gt; 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d [ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246 [ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000 [ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e [ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed [ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580 [ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000 [ 876.949852] ? cpuidle_enter_state+0xb3/0x420 [ 876.949855] cpuidle_enter+0x29/0x40 [ 876.949857] cpuidle_idle_call+0xfd/0x170 [ 876.949859] do_idle+0x7a/0xc0 [ 876.949861] cpu_startup_entry+0x25/0x30 [ 876.949862] start_secondary+0x117/0x140 [ 876.949864] common_startup_64+0x13e/0x148 [ 876.949867] [ 876.949868] ---[ end trace 0000000000000000 ]--- [ 876.949869] ------------[ cut here ]------------ [ 876.949870] list_del corruption, ffffead40445a348-\u0026gt;next is NULL [ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120 [ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E) [ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi [ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary) [ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE [ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024 [ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120 [ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u0026lt;0f\u0026gt; 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8 [ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282 [ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000 [ 876.949942] RDX: 0000000000000105 RSI: 00000 ---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/003e4765d8661be97e650a833868c53d35574130\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/08d18bda0d03f5ec376929a8c6c4495f9594593a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1b7e585c04cd5f0731dd25ffd396277e55fae0e6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3c91a56762b1f0d1e4af2d86c2cba83b61ed9eaa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
suse-su-2025:20669-1
Vulnerability from csaf_suse
Published
2025-09-05 11:15
Modified
2025-09-05 11:15
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-101
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Revert \"gpio: mlxbf3: only get IRQ for device instance 0\" (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes)\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rpm/config.sh: Update Leap project\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- scsi: Revert \"scsi: iscsi: Fix HW conn removal use after free\" (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-101",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20669-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20669-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520669-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20669-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022482.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-05T11:15:11Z",
"generator": {
"date": "2025-09-05T11:15:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20669-1",
"initial_release_date": "2025-09-05T11:15:11Z",
"revision_history": [
{
"date": "2025-09-05T11:15:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-34.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-34.1.aarch64",
"product_id": "kernel-default-6.4.0-34.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-34.1.21.11.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-34.1.21.11.aarch64",
"product_id": "kernel-default-base-6.4.0-34.1.21.11.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-34.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-34.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-34.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-34.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-34.1.noarch",
"product_id": "kernel-devel-6.4.0-34.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-34.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-34.1.noarch",
"product_id": "kernel-macros-6.4.0-34.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-34.1.noarch",
"product": {
"name": "kernel-source-6.4.0-34.1.noarch",
"product_id": "kernel-source-6.4.0-34.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-34.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-34.1.ppc64le",
"product_id": "kernel-default-6.4.0-34.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"product_id": "kernel-default-base-6.4.0-34.1.21.11.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-34.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-34.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-34.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-34.1.s390x",
"product": {
"name": "kernel-default-6.4.0-34.1.s390x",
"product_id": "kernel-default-6.4.0-34.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-34.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-34.1.s390x",
"product_id": "kernel-default-devel-6.4.0-34.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-34.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-34.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-34.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-34.1.x86_64",
"product_id": "kernel-default-6.4.0-34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-34.1.21.11.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-34.1.21.11.x86_64",
"product_id": "kernel-default-base-6.4.0-34.1.21.11.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-34.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-34.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-34.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-34.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-34.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-34.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-34.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-34.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-34.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x"
},
"product_reference": "kernel-default-6.4.0-34.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-34.1.21.11.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-34.1.21.11.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-34.1.21.11.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-34.1.21.11.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-34.1.21.11.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-34.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-34.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-34.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-34.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-34.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-34.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-34.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-34.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
},
"product_reference": "kernel-source-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T11:15:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
suse-su-2025:03301-1
Vulnerability from csaf_suse
Published
2025-09-23 09:05
Modified
2025-09-23 09:05
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert 'gpio: mlxbf3: only get IRQ for device instance 0' (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- Revert 'scsi: iscsi: Fix HW conn removal use after free' (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-2025-3301,SUSE-SLE-Module-Basesystem-15-SP6-2025-3301,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3301,SUSE-SLE-Module-Legacy-15-SP6-2025-3301,SUSE-SLE-Module-Live-Patching-15-SP6-2025-3301,SUSE-SLE-Product-HA-15-SP6-2025-3301,SUSE-SLE-Product-WE-15-SP6-2025-3301,openSUSE-SLE-15.6-2025-3301
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).\n- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).\n- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable (bsc#1242960).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306). \n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Revert \u0027gpio: mlxbf3: only get IRQ for device instance 0\u0027 (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes)\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- Revert \u0027scsi: iscsi: Fix HW conn removal use after free\u0027 (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3301,SUSE-SLE-Module-Basesystem-15-SP6-2025-3301,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3301,SUSE-SLE-Module-Legacy-15-SP6-2025-3301,SUSE-SLE-Module-Live-Patching-15-SP6-2025-3301,SUSE-SLE-Product-HA-15-SP6-2025-3301,SUSE-SLE-Product-WE-15-SP6-2025-3301,openSUSE-SLE-15.6-2025-3301",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03301-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03301-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503301-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03301-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041802.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1232089",
"url": "https://bugzilla.suse.com/1232089"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1234156",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1241353",
"url": "https://bugzilla.suse.com/1241353"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE Bug 1249346",
"url": "https://bugzilla.suse.com/1249346"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-23T09:05:11Z",
"generator": {
"date": "2025-09-23T09:05:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03301-1",
"initial_release_date": "2025-09-23T09:05:11Z",
"revision_history": [
{
"date": "2025-09-23T09:05:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-altera-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-amd-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-apm-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-apple-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-arm-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-lg-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-64kb-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-default-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"product_id": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-default-extra-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-default-optional-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150600.23.70.1.aarch64",
"product_id": "kernel-syms-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150600.23.70.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-150600.23.70.1.noarch",
"product_id": "kernel-devel-6.4.0-150600.23.70.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150600.23.70.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150600.23.70.1.noarch",
"product_id": "kernel-docs-6.4.0-150600.23.70.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150600.23.70.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150600.23.70.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-150600.23.70.1.noarch",
"product_id": "kernel-macros-6.4.0-150600.23.70.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150600.23.70.1.noarch",
"product": {
"name": "kernel-source-6.4.0-150600.23.70.1.noarch",
"product_id": "kernel-source-6.4.0-150600.23.70.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150600.23.70.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-debug-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-default-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"product_id": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"product_id": "dlm-kmp-default-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-default-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-default-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-default-devel-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-default-extra-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-default-optional-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"product_id": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-syms-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-debug-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-debug-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-debug-devel-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-default-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"product_id": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-default-extra-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-default-optional-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150600.23.70.1.x86_64",
"product_id": "kernel-syms-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150600.23.70.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150600.23.70.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150600.23.70.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150600.23.70.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-allwinner-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-altera-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-altera-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amazon-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amd-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-amd-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amlogic-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-apm-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-apm-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-apple-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-apple-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-arm-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-arm-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-broadcom-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-cavium-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-exynos-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-freescale-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-hisilicon-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-lg-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-lg-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-marvell-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-mediatek-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-nvidia-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-qcom-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-renesas-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-rockchip-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-socionext-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-sprd-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-xilinx-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-debug-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-vdso-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150600.23.70.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150600.23.70.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-6.4.0-150600.23.70.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150600.23.70.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150600.23.70.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-6.4.0-150600.23.70.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch"
},
"product_reference": "kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-49996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix buffer overflow when parsing NFS reparse points\n\nReparseDataLength is sum of the InodeType size and DataBuffer size.\nSo to get DataBuffer size it is needed to subtract InodeType\u0027s size from\nReparseDataLength.\n\nFunction cifs_strndup_from_utf16() is currentlly accessing buf-\u003eDataBuffer\nat position after the end of the buffer because it does not subtract\nInodeType size from the length. Fix this problem and correctly subtract\nvariable len.\n\nMember InodeType is present only when reparse buffer is large enough. Check\nfor ReparseDataLength before accessing InodeType to prevent another invalid\nmemory access.\n\nMajor and minor rdev values are present also only when reparse buffer is\nlarge enough. Check for reparse buffer size before calling reparse_mkdev().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49996",
"url": "https://www.suse.com/security/cve/CVE-2024-49996"
},
{
"category": "external",
"summary": "SUSE Bug 1232089 for CVE-2024-49996",
"url": "https://bugzilla.suse.com/1232089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-49996"
},
{
"cve": "CVE-2024-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 \u0026= 0x7fffffff after verifier r0 \u0026= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 \u003c 10 goto +0 --------------\u003e r11 = 0x2f5674a6 (r)\n 4: r1 \u003e\u003e= 32 r11 \u003c\u003c= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 \u003c 0xa goto pc+0\n r1 \u003e\u003e= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53125",
"url": "https://www.suse.com/security/cve/CVE-2024-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1234156 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "external",
"summary": "SUSE Bug 1245804 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1245804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2024-53125"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_70-default-1-150600.13.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.70.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.70.1.150600.12.30.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.70.1.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.70.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.70.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
suse-su-2025:20739-1
Vulnerability from csaf_suse
Published
2025-09-23 11:26
Modified
2025-09-23 11:26
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-SLE-Micro-6.0-kernel-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Revert \"gpio: mlxbf3: only get IRQ for device instance 0\" (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes)\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rpm/config.sh: Update Leap project\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- scsi: Revert \"scsi: iscsi: Fix HW conn removal use after free\" (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20739-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20739-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520739-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20739-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041902.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-23T11:26:15Z",
"generator": {
"date": "2025-09-23T11:26:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20739-1",
"initial_release_date": "2025-09-23T11:26:15Z",
"revision_history": [
{
"date": "2025-09-23T11:26:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-36.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-36.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-36.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-36.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-36.1.noarch",
"product_id": "kernel-source-rt-6.4.0-36.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-36.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-36.1.x86_64",
"product_id": "kernel-rt-6.4.0-36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-36.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-36.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-36.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-36.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-36.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-36.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-36.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-36.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-36.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T11:26:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
suse-su-2025:20756-1
Vulnerability from csaf_suse
Published
2025-09-23 09:17
Modified
2025-09-23 09:17
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Revert \"gpio: mlxbf3: only get IRQ for device instance 0\" (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes)\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rpm/config.sh: Update Leap project\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- scsi: Revert \"scsi: iscsi: Fix HW conn removal use after free\" (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20756-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20756-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520756-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20756-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041924.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-23T09:17:23Z",
"generator": {
"date": "2025-09-23T09:17:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20756-1",
"initial_release_date": "2025-09-23T09:17:23Z",
"revision_history": [
{
"date": "2025-09-23T09:17:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-36.1.aarch64",
"product": {
"name": "kernel-rt-6.4.0-36.1.aarch64",
"product_id": "kernel-rt-6.4.0-36.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-36.1.aarch64",
"product": {
"name": "kernel-rt-devel-6.4.0-36.1.aarch64",
"product_id": "kernel-rt-devel-6.4.0-36.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-36.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-36.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-36.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-36.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-36.1.noarch",
"product_id": "kernel-source-rt-6.4.0-36.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-36.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-36.1.x86_64",
"product_id": "kernel-rt-6.4.0-36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-36.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-36.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-36.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-36.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-36.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-36.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-36.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-36.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-36.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64"
},
"product_reference": "kernel-rt-6.4.0-36.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-36.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-36.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64"
},
"product_reference": "kernel-rt-devel-6.4.0-36.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-36.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-36.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-36.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-36.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-36.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-36.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-36.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-36.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:17:23Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
suse-su-2025:03272-1
Vulnerability from csaf_suse
Published
2025-09-18 18:51
Modified
2025-09-18 18:51
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert 'gpio: mlxbf3: only get IRQ for device instance 0' (git-fixes).
- Revert 'scsi: iscsi: Fix HW conn removal use after free' (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes).
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes).
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes).
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes).
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes).
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes).
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes).
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes).
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes).
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes).
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes).
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes).
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes).
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708).
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120).
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes).
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-2025-3272,SUSE-SLE-Module-Live-Patching-15-SP6-2025-3272,SUSE-SLE-Module-RT-15-SP6-2025-3272,openSUSE-SLE-15.6-2025-3272
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).\n- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable (bsc#1242960).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Revert \u0027gpio: mlxbf3: only get IRQ for device instance 0\u0027 (git-fixes).\n- Revert \u0027scsi: iscsi: Fix HW conn removal use after free\u0027 (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes).\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes).\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes).\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes).\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes).\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes).\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes).\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes).\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes).\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes).\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes).\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes).\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes).\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708).\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120).\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kernel-binary: Another installation ordering fix (bsc#1241353).\n- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes).\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3272,SUSE-SLE-Module-Live-Patching-15-SP6-2025-3272,SUSE-SLE-Module-RT-15-SP6-2025-3272,openSUSE-SLE-15.6-2025-3272",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03272-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03272-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503272-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03272-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041777.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1232089",
"url": "https://bugzilla.suse.com/1232089"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1241353",
"url": "https://bugzilla.suse.com/1241353"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE Bug 1249346",
"url": "https://bugzilla.suse.com/1249346"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-18T18:51:32Z",
"generator": {
"date": "2025-09-18T18:51:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03272-1",
"initial_release_date": "2025-09-18T18:51:32Z",
"revision_history": [
{
"date": "2025-09-18T18:51:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150600.10.52.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150600.10.52.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt_debug-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP6",
"product": {
"name": "SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.52.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.52.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.52.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-extra-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-optional-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.52.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
},
"product_reference": "reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-49996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix buffer overflow when parsing NFS reparse points\n\nReparseDataLength is sum of the InodeType size and DataBuffer size.\nSo to get DataBuffer size it is needed to subtract InodeType\u0027s size from\nReparseDataLength.\n\nFunction cifs_strndup_from_utf16() is currentlly accessing buf-\u003eDataBuffer\nat position after the end of the buffer because it does not subtract\nInodeType size from the length. Fix this problem and correctly subtract\nvariable len.\n\nMember InodeType is present only when reparse buffer is large enough. Check\nfor ReparseDataLength before accessing InodeType to prevent another invalid\nmemory access.\n\nMajor and minor rdev values are present also only when reparse buffer is\nlarge enough. Check for reparse buffer size before calling reparse_mkdev().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49996",
"url": "https://www.suse.com/security/cve/CVE-2024-49996"
},
{
"category": "external",
"summary": "SUSE Bug 1232089 for CVE-2024-49996",
"url": "https://bugzilla.suse.com/1232089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-49996"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_52-rt-1-150600.1.3.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-18T18:51:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
suse-su-2025:20653-1
Vulnerability from csaf_suse
Published
2025-09-05 12:02
Modified
2025-09-05 12:02
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Update Leap project
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-SLE-Micro-6.0-kernel-101
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Revert \"gpio: mlxbf3: only get IRQ for device instance 0\" (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes)\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rpm/config.sh: Update Leap project\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- scsi: Revert \"scsi: iscsi: Fix HW conn removal use after free\" (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-101",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20653-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20653-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520653-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20653-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041572.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-05T12:02:35Z",
"generator": {
"date": "2025-09-05T12:02:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20653-1",
"initial_release_date": "2025-09-05T12:02:35Z",
"revision_history": [
{
"date": "2025-09-05T12:02:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-34.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-34.1.aarch64",
"product_id": "kernel-default-6.4.0-34.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-34.1.21.11.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-34.1.21.11.aarch64",
"product_id": "kernel-default-base-6.4.0-34.1.21.11.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-34.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-34.1.noarch",
"product_id": "kernel-devel-6.4.0-34.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-34.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-34.1.noarch",
"product_id": "kernel-macros-6.4.0-34.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-34.1.noarch",
"product": {
"name": "kernel-source-6.4.0-34.1.noarch",
"product_id": "kernel-source-6.4.0-34.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-34.1.s390x",
"product": {
"name": "kernel-default-6.4.0-34.1.s390x",
"product_id": "kernel-default-6.4.0-34.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-34.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-34.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-34.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-34.1.x86_64",
"product_id": "kernel-default-6.4.0-34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-34.1.21.11.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-34.1.21.11.x86_64",
"product_id": "kernel-default-base-6.4.0-34.1.21.11.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-34.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-34.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-34.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-34.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-34.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-34.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-34.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x"
},
"product_reference": "kernel-default-6.4.0-34.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-34.1.21.11.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-34.1.21.11.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-34.1.21.11.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-34.1.21.11.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-34.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-34.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-34.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-34.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
},
"product_reference": "kernel-source-6.4.0-34.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-34.1.21.11.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-34.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-34.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-34.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-05T12:02:35Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
suse-su-2025:02923-1
Vulnerability from csaf_suse
Published
2025-08-20 07:24
Modified
2025-08-20 07:24
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-11135: TSX Asynchronous Abort condition (bsc#1139073).
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896).
- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).
- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
- CVE-2024-49861: net: clear the dst when changing skb protocol (bsc#1245954).
- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).
- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).
- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).
- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
- CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).
- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).
- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
- CVE-2025-37938: tracing: Verify event formats that have '%*p..' (bsc#1243544).
- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).
- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
- CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).
- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).
- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).
- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).
- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).
- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).
- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735).
- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).
- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).
- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).
- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).
- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).
- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).
- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).
- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).
- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).
- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).
- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).
- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).
- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).
- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).
- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).
- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).
- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).
- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).
- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).
- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).
- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264).
- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).
- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).
- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).
- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).
- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).
- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).
- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).
- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).
- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
The following non-security bugs were fixed:
- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: LPSS: Remove AudioDSP related ID (git-fixes).
- ACPI: OSI: Stop advertising support for '3.0 _SCP Extensions' (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).
- ACPI: battery: negate current when discharging (stable-fixes).
- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
- ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes).
- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
- ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes).
- ACPICA: Utilities: Fix spelling mistake 'Incremement' -> 'Increment' (git-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
- ALSA: hda/tegra: Add Tegra264 support (stable-fixes).
- ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).
- ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).
- ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: sb: Do not allow changing the DMA mode during operations (stable-fixes).
- ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
- ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- NFSv4.2: another fix for listxattr (git-fixes).
- PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- Revert 'vgacon: Add check for vc_origin address range in vgacon_scroll()' (stable-fixes).
- SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).
- [SMB3] send channel sequence number in SMB3 requests after reconnects (git-fixes).
- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).
- audit,module: restore audit logging in load failure case (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- cifs: reconnect helper should set reconnect for the right channel (git-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- kABI: Fix the module::name type in audit_context (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net: mana: Add debug logs in MANA network driver (bsc#1246212).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).
- smb3: move server check earlier when setting channel sequence number (git-fixes).
- smb: client: fix parsing of device numbers (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).
- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
- ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).
- ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).
- ASoC: amd: yc: update quirk data for HP Victus (stable-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).
- ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).
- ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).
- ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
- Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).
- Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
- Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).
- Bluetooth: MGMT: Fix sparse errors (git-fixes).
- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).
- Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).
- Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).
- Bluetooth: Remove pending ACL connection attempts (stable-fixes).
- Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).
- Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).
- Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).
- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
- Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
- Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).
- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
- Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).
- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
- Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).
- Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).
- Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).
- Bluetooth: hci_sync: revert some mesh modifications (git-fixes).
- Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Documentation: ACPI: Fix parent device references (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- Fix dma_unmap_sg() nents value (git-fixes)
- HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).
- HID: core: do not bypass hid_hw_raw_request (stable-fixes).
- HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).
- HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- HID: wacom: fix kobject reference count leak (git-fixes).
- HID: wacom: fix memory leak on kobject creation failure (git-fixes).
- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
- IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes)
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: iqs7222 - explicitly define number of external channels (git-fixes).
- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - adjust error handling for disconnect (git-fixes).
- Input: xpad - set correct controller type for Acer NGR200 (git-fixes).
- Input: xpad - support Acer NGR 200 Controller (stable-fixes).
- KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).
- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (git-fixes).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
- Logitech C-270 even more broken (stable-fixes).
- Move upstreamed SCSI and ACPI patches into sorted section
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241)
- MyBS: Do not build kernel-obs-qa with limit_packages
- MyBS: Simplify qa_expr generation
- NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
- NFS: Do not allow waiting for exiting tasks (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- NFSv4.2: fix listxattr to return selinux security label (git-fixes).
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).
- NFSv4: Always set NLINK even if the server does not support it (git-fixes).
- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
- NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI/DPC: Log Error Source ID only when valid (git-fixes).
- PCI/DPC: Use defines with DPC reason fields (git-fixes).
- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: apple: Set only available ports up (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
- PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).
- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: rockchip-host: Fix 'Unexpected Completion' log message (git-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- PM / devfreq: Check governor before using governor->name (git-fixes).
- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- RDMA/hns: Drop GFP_NOWARN (git-fixes)
- RDMA/hns: Fix -Wframe-larger-than issue (git-fixes)
- RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes)
- RDMA/hns: Fix accessing uninitialized resources (git-fixes)
- RDMA/hns: Fix double destruction of rsv_qp (git-fixes)
- RDMA/hns: Get message length of ack_req from FW (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA/mlx5: Fix CC counters query for MPV (git-fixes)
- RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes)
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- RDMA/mlx5: Fix vport loopback for MPV device (git-fixes)
- RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes)
- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
- Reapply 'wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()' (git-fixes).
- Remove compress-vmlinux.sh
- Remove host-memcpy-hack.h
- Remove try-disable-staging-driver
- Revert 'ACPI: battery: negate current when discharging' (stable-fixes).
- Revert 'ALSA: usb-audio: Skip setting clock selector for single connections' (stable-fixes).
- Revert 'arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)
- Revert 'bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first' (stable-fixes).
- Revert 'cgroup_freezer: cgroup_freezing: Check if not frozen' (bsc#1219338).
- Revert 'drm/amdgpu: do not allow userspace to create a doorbell BO' (stable-fixes).
- Revert 'drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1' (stable-fixes).
- Revert 'ipv6: save dontfrag in cork (git-fixes).'
- Revert 'kABI: ipv6: save dontfrag in cork (git-fixes).'
- Revert 'mmc: sdhci: Disable SD card clock before changing parameters' (git-fixes).
- Revert 'usb: xhci: Implement xhci_handshake_check_state() helper' (git-fixes).
- Revert 'wifi: mt76: mt7996: fill txd by host driver' (stable-fixes).
- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
- SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
- USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- USB: serial: option: add Foxconn T99W640 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- add bug reference to existing hv_storvsc change (bsc#1245455).
- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).
- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).
- aoe: clean device rq_list in aoedev_downdev() (git-fixes).
- apple-mfi-fastcharge: protect first device name (git-fixes).
- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- bnxt: properly flush XDP redirect lists (git-fixes).
- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).
- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).
- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).
- bpf: Add a possibly-zero-sized read test (git-fixes).
- bpf: Avoid __hidden__ attribute in static object (git-fixes).
- bpf: Check percpu map value size first (git-fixes).
- bpf: Disable some `attribute ignored' warnings in GCC (git-fixes).
- bpf: Fix memory leak in bpf_core_apply (git-fixes).
- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).
- bpf: Force uprobe bpf program to always return 0 (git-fixes).
- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).
- bpf: Make the pointer returned by iter next method valid (git-fixes).
- bpf: Simplify checking size of helper accesses (git-fixes).
- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).
- bpf: sockmap, updating the sg structure should also update curr (git-fixes).
- bpftool: Fix missing pids during link show (git-fixes).
- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).
- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).
- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).
- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).
- bs-upload-kernel: Pass limit_packages also on multibuild
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).
- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- ceph: Fix incorrect flush end position calculation (git-fixes).
- ceph: allocate sparse_ext map only for sparse reads (git-fixes).
- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).
- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).
- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- clocksource: Fix brown-bag boolean thinko in (git-fixes)
- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).
- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).
- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).
- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).
- comedi: Fix some signed shift left operations (git-fixes).
- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).
- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).
- comedi: das16m1: Fix bit shift out of bounds (git-fixes).
- comedi: das6402: Fix bit shift out of bounds (git-fixes).
- comedi: pcl812: Fix bit shift out of bounds (git-fixes).
- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
- devlink: fix port dump cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dm-bufio: fix sched in atomic context (git-fixes).
- dm-flakey: error all IOs when num_features is absent (git-fixes).
- dm-flakey: make corrupting read bios work (git-fixes).
- dm-mirror: fix a tiny race condition (git-fixes).
- dm-raid: fix variable in journal device check (git-fixes).
- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).
- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- dm: restrict dm device size to 2^63-512 bytes (git-fixes).
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).
- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).
- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).
- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).
- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).
- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).
- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).
- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).
- drm/i915: fix build error some more (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/msm: Fix a fence leak in submit error path (stable-fixes).
- drm/msm: Fix another leak in the submit error path (stable-fixes).
- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/scheduler: signal scheduled fence when kill job (stable-fixes).
- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbcon: Make sure modelist not set on unregistered console (stable-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- fgraph: Still initialize idle shadow stacks when starting (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- fs/jfs: consolidate sanity checking in dbMount (git-fixes).
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).
- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).
- gpio: sim: include a missing header (git-fixes).
- gpio: vf610: add locking to gpio direction functions (git-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).
- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).
- gpiolib: Revert 'Do not WARN on gpiod_put() for optional GPIO' (stable-fixes).
- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).
- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).
- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).
- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
- hfs: make splice write available again (git-fixes).
- hfsplus: make splice write available again (git-fixes).
- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
- hwmon: (occ) fix unaligned accesses (git-fixes).
- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- i2c/designware: Fix an initialization issue (git-fixes).
- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
- i2c: npcm: Add clock toggle recovery (stable-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
- i2c: stm32: fix the device used for the DMA map (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- i2c: tiny-usb: disable zero-length read messages (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
- ice: Fix LACP bonds without SRIOV environment (git-fixes).
- ice: create new Tx scheduler nodes for new queues only (git-fixes).
- ice: fix Tx scheduler error handling in XDP callback (git-fixes).
- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
- ice: fix vf->num_mac count with port representors (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).
- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).
- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
- ipmr: fix tables suspicious RCU usage (git-fixes).
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: save dontfrag in cork (git-fixes).
- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).
- kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kABI workaround for struct drm_framebuffer changes (git-fixes).
- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
- kABI: ipv6: save dontfrag in cork (git-fixes).
- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- kabi: restore layout of struct cgroup_subsys (bsc#1241166).
- kabi: restore layout of struct mem_control (jsc#PED-12551).
- kabi: restore layout of struct page_counter (jsc#PED-12551).
- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).
- kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled
- kernel-source: Do not use multiple -r in sed parameters
- kernel-source: Remove log.sh from sources
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: add file_start_write() and file_end_write() (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).
- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).
- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
- mmc: Add quirk to disable DDR50 tuning (stable-fixes).
- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).
- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).
- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).
- mtk-sd: reset host->mrq on prepare_data() error (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).
- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
- net/mlx5: Fix return value when searching for existing flow group (git-fixes).
- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
- net/neighbor: clear error in case strict check is not set (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).
- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).
- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- net: fix udp gso skb_segment after pull from frag_list (git-fixes).
- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
- net: ice: Perform accurate aRFS flow match (git-fixes).
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- net: linkwatch: use system_unbound_wq (git-fixes).
- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
- net: mana: Record doorbell physical address in PF mode (bsc#1244229).
- net: page_pool: fix warning code (git-fixes).
- net: phy: Do not register LEDs for genphy (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).
- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).
- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).
- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).
- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- net_sched: prio: fix a race in prio_tune() (git-fixes).
- net_sched: red: fix a race in __red_change() (git-fixes).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- net_sched: tbf: fix a race in tbf_change() (git-fixes).
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nilfs2: reject invalid file types when reading inodes (git-fixes).
- ntp: Clamp maxerror and esterror to operating range (git-fixes)
- ntp: Remove invalid cast in time offset math (git-fixes)
- ntp: Safeguard against time_constant overflow (git-fixes)
- nvme-fc: do not reference lsrsp after failure (bsc#1245193).
- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
- nvme-pci: add quirks for device 126f:1001 (git-fixes).
- nvme-pci: refresh visible attrs after being checked (git-fixes).
- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).
- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
- nvme: fix command limits status code (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix implicit bool to flags conversion (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
- nvmet-fc: take tgtport refs for portentry (bsc#1245193).
- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
- nvmet-fcloop: prevent double port deletion (bsc#1245193).
- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
- nvmet-fcloop: remove nport from list on last user (bsc#1245193).
- nvmet-fcloop: track ref counts for nports (bsc#1245193).
- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).
- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).
- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).
- objtool: Fix error handling inconsistencies in check() (git-fixes).
- objtool: Ignore dangling jump table entries (git-fixes).
- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).
- objtool: Properly disable uaccess validation (git-fixes).
- objtool: Silence more KCOV warnings (git-fixes).
- objtool: Silence more KCOV warnings, part 2 (git-fixes).
- objtool: Stop UNRET validation on UD2 (git-fixes).
- orangefs: Do not truncate file size (git-fixes).
- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).
- perf: Fix sample vs do_exit() (bsc#1246547).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use 'unsigned int' instead of bare 'unsigned' (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).
- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).
- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).
- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).
- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).
- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).
- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).
- platform/x86: dell_rbu: Fix list usage (git-fixes).
- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).
- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).
- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).
- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).
- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
- regmap: fix potential memory leak of regmap_bus (git-fixes).
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).
- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).
- resource: fix false warning in __request_region() (git-fixes).
- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).
- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).
- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).
- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.
- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)
- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879)
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)
- rpm: Stop using is_kotd_qa macro
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).
- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).
- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
- s390: Add z17 elf platform (LTC#214086 bsc#1245540).
- samples: mei: Fix building on musl libc (git-fixes).
- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).
- scsi: Improve CDL control (git-fixes).
- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).
- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).
- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: megaraid_sas: Fix invalid node index (git-fixes).
- scsi: mpi3mr: Add level check to control event logging (git-fixes).
- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).
- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).
- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
- scsi: st: ERASE does not change tape location (git-fixes).
- scsi: st: Restore some drive settings after reset (git-fixes).
- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).
- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).
- selftests/bpf: Change functions definitions to support GCC (git-fixes).
- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).
- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).
- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- soundwire: amd: fix for clearing command status register (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
- struct cdns: move new member to the end (git-fixes).
- struct ucsi_operations: use padding for new operation (git-fixes).
- struct usci: hide additional member (git-fixes).
- sunrpc: do not immediately retransmit on seqno miss (git-fixes).
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
- supported.conf: add missing entries for armv7hl
- supported.conf: move nvme-apple to optional again
- supported.conf: sort entries again
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Do not double dequeue a configuration request (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- thunderbolt: Fix wake on connect at runtime (git-fixes).
- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
- tracing: Add __print_dynamic_array() helper (bsc#1243544).
- tracing: Add __string_len() example (bsc#1243544).
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
- tracing: Fix compilation warning on arm32 (bsc#1243551).
- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).
- types: Complement the aligned types with signed 64-bit one (stable-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- ucsi-glink: adapt to kABI consistency (git-fixes).
- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).
- ucsi_debugfs_entry: hide signedness change (git-fixes).
- ucsi_operations: add stubs for all operations (git-fixes).
- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).
- udp: annotate data-races around up->pending (git-fixes).
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- uprobes: Use kzalloc to allocate xol area (git-fixes).
- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).
- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).
- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: cdnsp: do not disable slot for disabled slot (git-fixes).
- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).
- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).
- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).
- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: musb: fix gadget state on disconnect (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: net: sierra: check for no status endpoint (git-fixes).
- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).
- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
- usb: typec: Update sysfs when setting ops (git-fixes).
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).
- usb: typec: displayport: Fix potential deadlock (git-fixes).
- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).
- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).
- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).
- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).
- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).
- usb: typec: ucsi: Fix the partner PD revision (git-fixes).
- usb: typec: ucsi: Get PD revision for partner (git-fixes).
- usb: typec: ucsi: Only enable supported notifications (git-fixes).
- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: add callback for connector status updates (git-fixes).
- usb: typec: ucsi: add update_connector callback (git-fixes).
- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).
- usb: typec: ucsi: extract code to read PD caps (git-fixes).
- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
- usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes).
- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).
- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).
- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).
- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).
- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).
- usb: typec: ucsi: properly register partner's PD device (git-fixes).
- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).
- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).
- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).
- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).
- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).
- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).
- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- virtgpu: do not reset on shutdown (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
- vmxnet3: update MTU after device quiesce (bsc#1244626).
- vt: add missing notification when switching back to text mode (stable-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
- wifi: ath11k: do not wait when there is no vdev started (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
- wifi: ath12k: fix incorrect CE addresses (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: mac80211: Add link iteration macro for link data (stable-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).
- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).
- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).
- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce/amd: Fix threshold limit reset (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/microcode: Consolidate the loader enablement checking (git-fixes).
- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).
- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).
- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
- xen/x86: fix initial memory balloon target (git-fixes).
- xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).
- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).
- xhci: dbctty: disable ECHO flag by default (git-fixes).
- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).
Patchnames
SUSE-2025-2923,SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-2923
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2019-11135: TSX Asynchronous Abort condition (bsc#1139073).\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).\n- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896).\n- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).\n- CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).\n- CVE-2024-49861: net: clear the dst when changing skb protocol (bsc#1245954).\n- CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).\n- CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).\n- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).\n- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).\n- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).\n- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).\n- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).\n- CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178).\n- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).\n- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).\n- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).\n- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).\n- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).\n- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).\n- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).\n- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).\n- CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).\n- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).\n- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).\n- CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).\n- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).\n- CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).\n- CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).\n- CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).\n- CVE-2025-21938: mptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr (bsc#1240723).\n- CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n- CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).\n- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).\n- CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).\n- CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).\n- CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).\n- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).\n- CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).\n- CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).\n- CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).\n- CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).\n- CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).\n- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).\n- CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).\n- CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).\n- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).\n- CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).\n- CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).\n- CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).\n- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable (bsc#1242960).\n- CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).\n- CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).\n- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).\n- CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).\n- CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).\n- CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).\n- CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).\n- CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value (bsc#1243537).\n- CVE-2025-37938: tracing: Verify event formats that have \u0027%*p..\u0027 (bsc#1243544).\n- CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).\n- CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).\n- CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).\n- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).\n- CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).\n- CVE-2025-37992: net_sched: Flush gso_skb list too during -\u003echange() (bsc#1243698).\n- CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).\n- CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).\n- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).\n- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).\n- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).\n- CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).\n- CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).\n- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).\n- CVE-2025-38060: bpf: abort verification if env-\u003ecur_state-\u003eloop_entry != NULL (bsc#1245155).\n- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).\n- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).\n- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).\n- CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).\n- CVE-2025-38074: vhost-scsi: protect vq-\u003elog_used with vq-\u003emutex (bsc#1244735).\n- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).\n- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).\n- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).\n- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).\n- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).\n- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).\n- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).\n- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).\n- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).\n- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).\n- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).\n- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).\n- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).\n- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).\n- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).\n- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).\n- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).\n- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).\n- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).\n- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).\n- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).\n- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).\n- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).\n- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).\n- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).\n- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).\n- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).\n- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).\n- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).\n- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).\n- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).\n- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).\n- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).\n- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).\n- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264).\n- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).\n- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).\n- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).\n- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).\n- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).\n- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).\n- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).\n- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).\n- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).\n- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).\n- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).\n- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).\n- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).\n- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).\n- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).\n- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).\n- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).\n- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).\n- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).\n- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).\n- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).\n- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: LPSS: Remove AudioDSP related ID (git-fixes).\n- ACPI: OSI: Stop advertising support for \u00273.0 _SCP Extensions\u0027 (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).\n- ACPI: battery: negate current when discharging (stable-fixes).\n- ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).\n- ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes).\n- ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).\n- ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes).\n- ACPICA: Utilities: Fix spelling mistake \u0027Incremement\u0027 -\u003e \u0027Increment\u0027 (git-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).\n- ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).\n- ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).\n- ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).\n- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).\n- ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).\n- ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).\n- ALSA: hda/tegra: Add Tegra264 support (stable-fixes).\n- ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).\n- ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).\n- ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: sb: Do not allow changing the DMA mode during operations (stable-fixes).\n- ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).\n- ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).\n- ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).\n- ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).\n- ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).\n- ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).\n- ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).\n- ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).\n- ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).\n- ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).\n- ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).\n- ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).\n- ALSA: usb-audio: Support multiple control interfaces (stable-fixes).\n- ALSA: usb-audio: Support read-only clock selector control (stable-fixes).\n- ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).\n- ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).\n- ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).\n- ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).\n- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).\n- NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes).\n- NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).\n- NFS: Fixup allocation flags for nfsiod\u0027s __GFP_NORETRY (git-fixes).\n- NFSv4.2: another fix for listxattr (git-fixes).\n- PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).\n- PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).\n- RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)\n- Revert \u0027vgacon: Add check for vc_origin address range in vgacon_scroll()\u0027 (stable-fixes).\n- SMB3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).\n- [SMB3] send channel sequence number in SMB3 requests after reconnects (git-fixes).\n- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).\n- audit,module: restore audit logging in load failure case (git-fixes).\n- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).\n- cifs: reconnect helper should set reconnect for the right channel (git-fixes).\n- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).\n- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).\n- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).\n- hv_netvsc: Use VF\u0027s tso_max_size value when data path is VF (bsc#1246203).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- kABI: Fix the module::name type in audit_context (git-fixes).\n- module: Fix memory deallocation on error path in move_module() (git-fixes).\n- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).\n- module: Restore the moduleparam prefix length check (git-fixes).\n- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).\n- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).\n- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).\n- net: mana: Add debug logs in MANA network driver (bsc#1246212).\n- net: mana: Add handler for hardware servicing events (bsc#1245730).\n- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).\n- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).\n- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).\n- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).\n- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).\n- net: mana: explain irq_setup() algorithm (bsc#1245457).\n- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).\n- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).\n- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).\n- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).\n- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).\n- smb3: move server check earlier when setting channel sequence number (git-fixes).\n- smb: client: fix parsing of device numbers (git-fixes).\n- sunrpc: fix client side handling of tls alerts (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- tracing/kprobe: Make trace_kprobe\u0027s module callback called after jump_label update (git-fixes).\n- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).\n- ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).\n- ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).\n- ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).\n- ASoC: amd: yc: update quirk data for HP Victus (stable-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).\n- ASoC: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).\n- ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).\n- ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).\n- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).\n- ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).\n- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).\n- Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).\n- Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).\n- Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).\n- Bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).\n- Bluetooth: MGMT: Fix sparse errors (git-fixes).\n- Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).\n- Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).\n- Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).\n- Bluetooth: Remove pending ACL connection attempts (stable-fixes).\n- Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).\n- Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).\n- Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).\n- Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).\n- Bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).\n- Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).\n- Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).\n- Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).\n- Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).\n- Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).\n- Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).\n- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).\n- Bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).\n- Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).\n- Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).\n- Bluetooth: hci_sync: revert some mesh modifications (git-fixes).\n- Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Documentation: ACPI: Fix parent device references (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).\n- Fix dma_unmap_sg() nents value (git-fixes)\n- HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).\n- HID: core: do not bypass hid_hw_raw_request (stable-fixes).\n- HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).\n- HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).\n- HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).\n- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- HID: wacom: fix kobject reference count leak (git-fixes).\n- HID: wacom: fix memory leak on kobject creation failure (git-fixes).\n- HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).\n- IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes)\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: iqs7222 - explicitly define number of external channels (git-fixes).\n- Input: sparcspkr - avoid unannotated fall-through (stable-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- Input: xpad - adjust error handling for disconnect (git-fixes).\n- Input: xpad - set correct controller type for Acer NGR200 (git-fixes).\n- Input: xpad - support Acer NGR 200 Controller (stable-fixes).\n- KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).\n- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (git-fixes).\n- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).\n- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).\n- Logitech C-270 even more broken (stable-fixes).\n- Move upstreamed SCSI and ACPI patches into sorted section\n- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241)\n- MyBS: Do not build kernel-obs-qa with limit_packages\n- MyBS: Simplify qa_expr generation\n- NFC: nci: uart: Set tty-\u003edisc_data only in success path (git-fixes).\n- NFS: Do not allow waiting for exiting tasks (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).\n- NFSv4.2: fix listxattr to return selinux security label (git-fixes).\n- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).\n- NFSv4: Always set NLINK even if the server does not support it (git-fixes).\n- NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).\n- NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).\n- NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI/DPC: Log Error Source ID only when valid (git-fixes).\n- PCI/DPC: Use defines with DPC reason fields (git-fixes).\n- PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).\n- PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: apple: Set only available ports up (git-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).\n- PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).\n- PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: endpoint: Fix configfs group list head handling (git-fixes).\n- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).\n- PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).\n- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).\n- PCI: rockchip-host: Fix \u0027Unexpected Completion\u0027 log message (git-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- PM / devfreq: Check governor before using governor-\u003ename (git-fixes).\n- PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)\n- RDMA/core: Rate limit GID cache warning messages (git-fixes)\n- RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)\n- RDMA/hns: Drop GFP_NOWARN (git-fixes)\n- RDMA/hns: Fix -Wframe-larger-than issue (git-fixes)\n- RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes)\n- RDMA/hns: Fix accessing uninitialized resources (git-fixes)\n- RDMA/hns: Fix double destruction of rsv_qp (git-fixes)\n- RDMA/hns: Get message length of ack_req from FW (git-fixes)\n- RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)\n- RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)\n- RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)\n- RDMA/mlx5: Fix CC counters query for MPV (git-fixes)\n- RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes)\n- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn\u0027t set (git-fixes)\n- RDMA/mlx5: Fix vport loopback for MPV device (git-fixes)\n- RDMA/mlx5: Initialize obj_event-\u003eobj_sub_list before xa_insert (git-fixes)\n- RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)\n- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)\n- RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)\n- RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)\n- RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)\n- RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)\n- Reapply \u0027wifi: mac80211: Update skb\u0027s control block key in ieee80211_tx_dequeue()\u0027 (git-fixes).\n- Remove compress-vmlinux.sh\n- Remove host-memcpy-hack.h \n- Remove try-disable-staging-driver \n- Revert \u0027ACPI: battery: negate current when discharging\u0027 (stable-fixes).\n- Revert \u0027ALSA: usb-audio: Skip setting clock selector for single connections\u0027 (stable-fixes).\n- Revert \u0027arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes)\n- Revert \u0027bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\u0027 (stable-fixes).\n- Revert \u0027cgroup_freezer: cgroup_freezing: Check if not frozen\u0027 (bsc#1219338).\n- Revert \u0027drm/amdgpu: do not allow userspace to create a doorbell BO\u0027 (stable-fixes).\n- Revert \u0027drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1\u0027 (stable-fixes).\n- Revert \u0027ipv6: save dontfrag in cork (git-fixes).\u0027\n- Revert \u0027kABI: ipv6: save dontfrag in cork (git-fixes).\u0027\n- Revert \u0027mmc: sdhci: Disable SD card clock before changing parameters\u0027 (git-fixes).\n- Revert \u0027usb: xhci: Implement xhci_handshake_check_state() helper\u0027 (git-fixes).\n- Revert \u0027wifi: mt76: mt7996: fill txd by host driver\u0027 (stable-fixes).\n- SUNRPC: Do not allow waiting for exiting tasks (git-fixes).\n- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).\n- SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).\n- SUNRPC: rpcbind should never reset the port to the value \u00270\u0027 (git-fixes).\n- USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).\n- USB: serial: option: add Foxconn T99W640 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).\n- USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- add bug reference to existing hv_storvsc change (bsc#1245455).\n- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).\n- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).\n- aoe: clean device rq_list in aoedev_downdev() (git-fixes).\n- apple-mfi-fastcharge: protect first device name (git-fixes).\n- arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)\n- ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).\n- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).\n- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).\n- ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- bnxt: properly flush XDP redirect lists (git-fixes).\n- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).\n- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).\n- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).\n- bpf: Add a possibly-zero-sized read test (git-fixes).\n- bpf: Avoid __hidden__ attribute in static object (git-fixes).\n- bpf: Check percpu map value size first (git-fixes).\n- bpf: Disable some `attribute ignored\u0027 warnings in GCC (git-fixes).\n- bpf: Fix memory leak in bpf_core_apply (git-fixes).\n- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).\n- bpf: Force uprobe bpf program to always return 0 (git-fixes).\n- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).\n- bpf: Make the pointer returned by iter next method valid (git-fixes).\n- bpf: Simplify checking size of helper accesses (git-fixes).\n- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).\n- bpf: sockmap, updating the sg structure should also update curr (git-fixes).\n- bpftool: Fix missing pids during link show (git-fixes).\n- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).\n- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).\n- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).\n- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).\n- bs-upload-kernel: Pass limit_packages also on multibuild\n- btrfs: do not ignore inode missing when replaying log tree (git-fixes).\n- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).\n- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).\n- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)\n- btrfs: fix assertion when building free space tree (git-fixes).\n- btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).\n- btrfs: fix inode lookup error handling during log replay (git-fixes).\n- btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).\n- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).\n- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).\n- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).\n- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).\n- btrfs: fix ssd_spread overallocation (git-fixes).\n- btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).\n- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)\n- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).\n- btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).\n- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).\n- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).\n- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).\n- btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).\n- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).\n- btrfs: update superblock\u0027s device bytes_used when dropping chunk (git-fixes).\n- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).\n- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).\n- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).\n- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).\n- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).\n- can: kvaser_pciefd: Store device channel index (git-fixes).\n- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).\n- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).\n- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).\n- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).\n- can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).\n- cdc-acm: fix race between initial clearing halt and open (git-fixes).\n- ceph: Fix incorrect flush end position calculation (git-fixes).\n- ceph: allocate sparse_ext map only for sparse reads (git-fixes).\n- ceph: fix memory leaks in __ceph_sync_read() (git-fixes).\n- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).\n- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).\n- cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).\n- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).\n- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).\n- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).\n- clocksource: Fix brown-bag boolean thinko in (git-fixes)\n- clocksource: Make watchdog and suspend-timing multiplication (git-fixes)\n- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).\n- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).\n- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).\n- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).\n- comedi: Fix some signed shift left operations (git-fixes).\n- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).\n- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).\n- comedi: das16m1: Fix bit shift out of bounds (git-fixes).\n- comedi: das6402: Fix bit shift out of bounds (git-fixes).\n- comedi: pcl812: Fix bit shift out of bounds (git-fixes).\n- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).\n- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).\n- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).\n- crypto: ccp - Fix locking on alloc failure handling (git-fixes).\n- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).\n- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).\n- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).\n- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).\n- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).\n- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).\n- crypto: qat - fix state restore for banks with exceptions (git-fixes).\n- crypto: qat - flush misc workqueue during device shutdown (git-fixes).\n- crypto: qat - use unmanaged allocation for dc_data (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: Fix referring to hw_addr attribute during state validation (git-fixes).\n- devlink: fix port dump cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dm-bufio: fix sched in atomic context (git-fixes).\n- dm-flakey: error all IOs when num_features is absent (git-fixes).\n- dm-flakey: make corrupting read bios work (git-fixes).\n- dm-mirror: fix a tiny race condition (git-fixes).\n- dm-raid: fix variable in journal device check (git-fixes).\n- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).\n- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).\n- dm: free table mempools if not used in __bind (git-fixes).\n- dm: restrict dm device size to 2^63-512 bytes (git-fixes).\n- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).\n- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).\n- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).\n- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).\n- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).\n- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).\n- drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).\n- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).\n- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).\n- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).\n- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).\n- drm/etnaviv: Protect the scheduler\u0027s pending list with its lock (git-fixes).\n- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).\n- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).\n- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).\n- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).\n- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).\n- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).\n- drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).\n- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).\n- drm/i915: fix build error some more (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/disp: Correct porch timing for SDM845 (git-fixes).\n- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).\n- drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/msm: Fix a fence leak in submit error path (stable-fixes).\n- drm/msm: Fix another leak in the submit error path (stable-fixes).\n- drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).\n- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).\n- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).\n- drm/scheduler: signal scheduled fence when kill job (stable-fixes).\n- drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).\n- fbcon: Fix outdated registered_fb reference in comment (git-fixes).\n- fbcon: Make sure modelist not set on unregistered console (stable-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).\n- fgraph: Still initialize idle shadow stacks when starting (git-fixes).\n- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).\n- firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- fs/jfs: consolidate sanity checking in dbMount (git-fixes).\n- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).\n- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).\n- gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).\n- gpio: sim: include a missing header (git-fixes).\n- gpio: vf610: add locking to gpio direction functions (git-fixes).\n- gpio: virtio: Fix config space reading (git-fixes).\n- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).\n- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).\n- gpiolib: Revert \u0027Do not WARN on gpiod_put() for optional GPIO\u0027 (stable-fixes).\n- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).\n- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).\n- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).\n- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).\n- gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).\n- gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).\n- hfs: make splice write available again (git-fixes).\n- hfsplus: make splice write available again (git-fixes).\n- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).\n- hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).\n- hwmon: (occ) Rework attribute registration for stack usage (git-fixes).\n- hwmon: (occ) fix unaligned accesses (git-fixes).\n- hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).\n- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).\n- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).\n- i2c/designware: Fix an initialization issue (git-fixes).\n- i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).\n- i2c: npcm: Add clock toggle recovery (stable-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i2c: qup: jump out of the loop in case of timeout (git-fixes).\n- i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).\n- i2c: stm32: fix the device used for the DMA map (git-fixes).\n- i2c: tegra: Fix reset error handling with ACPI (git-fixes).\n- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)\n- i2c: tiny-usb: disable zero-length read messages (git-fixes).\n- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).\n- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).\n- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).\n- ice: Fix LACP bonds without SRIOV environment (git-fixes).\n- ice: create new Tx scheduler nodes for new queues only (git-fixes).\n- ice: fix Tx scheduler error handling in XDP callback (git-fixes).\n- ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).\n- ice: fix vf-\u003enum_mac count with port representors (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).\n- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).\n- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).\n- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).\n- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).\n- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).\n- ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).\n- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).\n- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).\n- iommu/vt-d: Fix possible circular locking dependency (git-fixes).\n- iommu/vt-d: Fix system hang on reboot -f (git-fixes).\n- iommu: Protect against overflow in iommu_pgsize() (git-fixes).\n- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)\n- iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)\n- ip6mr: fix tables suspicious RCU usage (git-fixes).\n- ip_tunnel: annotate data-races around t-\u003eparms.link (git-fixes).\n- ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).\n- ipmr: fix tables suspicious RCU usage (git-fixes).\n- ipv4: Convert ip_route_input() to dscp_t (git-fixes).\n- ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).\n- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).\n- ipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec() (git-fixes).\n- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).\n- ipv6: save dontfrag in cork (git-fixes).\n- ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).\n- isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).\n- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).\n- kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kABI workaround for struct drm_framebuffer changes (git-fixes).\n- kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).\n- kABI: ipv6: save dontfrag in cork (git-fixes).\n- kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- kabi: restore layout of struct cgroup_subsys (bsc#1241166).\n- kabi: restore layout of struct mem_control (jsc#PED-12551).\n- kabi: restore layout of struct page_counter (jsc#PED-12551).\n- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).\n- kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled\n- kernel-source: Do not use multiple -r in sed parameters\n- kernel-source: Remove log.sh from sources\n- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).\n- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).\n- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: add file_start_write() and file_end_write() (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).\n- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).\n- md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add bounds checking to firmware parser (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: hi556: correct the test pattern configuration (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: usbtv: Lock resolution while streaming (git-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).\n- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-ctrls: Do not reset handler\u0027s error in v4l2_ctrl_handler_free() (git-fixes).\n- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Add a check for packet size after reading from shared memory (git-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).\n- media: venus: protect against spurious interrupts during probe (git-fixes).\n- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).\n- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- media: vivid: fix wrong pixel_array control size (git-fixes).\n- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).\n- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).\n- mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).\n- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).\n- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).\n- mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).\n- mmc: Add quirk to disable DDR50 tuning (stable-fixes).\n- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).\n- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).\n- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).\n- mtd: fix possible integer overflow in erase_xfer() (git-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).\n- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).\n- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).\n- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).\n- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).\n- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).\n- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).\n- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).\n- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).\n- mtk-sd: reset host-\u003emrq on prepare_data() error (git-fixes).\n- mwl8k: Add missing check after DMA map (git-fixes).\n- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).\n- neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).\n- net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).\n- net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).\n- net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).\n- net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).\n- net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).\n- net/mlx5: Fix return value when searching for existing flow group (git-fixes).\n- net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).\n- net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).\n- net/neighbor: clear error in case strict check is not set (git-fixes).\n- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).\n- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).\n- net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).\n- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).\n- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).\n- net: Fix TOCTOU issue in sk_is_readable() (git-fixes).\n- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).\n- net: add rcu safety to rtnl_prop_list_size() (git-fixes).\n- net: fix udp gso skb_segment after pull from frag_list (git-fixes).\n- net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).\n- net: ice: Perform accurate aRFS flow match (git-fixes).\n- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).\n- net: linkwatch: use system_unbound_wq (git-fixes).\n- net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).\n- net: mana: Record doorbell physical address in PF mode (bsc#1244229).\n- net: page_pool: fix warning code (git-fixes).\n- net: phy: Do not register LEDs for genphy (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).\n- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).\n- net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).\n- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).\n- net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).\n- net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).\n- net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).\n- net: sched: fix erspan_opt settings in cls_flower (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).\n- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).\n- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).\n- net_sched: prio: fix a race in prio_tune() (git-fixes).\n- net_sched: red: fix a race in __red_change() (git-fixes).\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: reject invalid perturb period (git-fixes).\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- net_sched: tbf: fix a race in tbf_change() (git-fixes).\n- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).\n- netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).\n- netlink: specs: dpll: replace underscores with dashes in names (git-fixes).\n- netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).\n- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).\n- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).\n- nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- nilfs2: reject invalid file types when reading inodes (git-fixes).\n- ntp: Clamp maxerror and esterror to operating range (git-fixes)\n- ntp: Remove invalid cast in time offset math (git-fixes)\n- ntp: Safeguard against time_constant overflow (git-fixes)\n- nvme-fc: do not reference lsrsp after failure (bsc#1245193).\n- nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).\n- nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).\n- nvme-pci: add quirks for device 126f:1001 (git-fixes).\n- nvme-pci: refresh visible attrs after being checked (git-fixes).\n- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).\n- nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).\n- nvme: fix command limits status code (git-fixes).\n- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).\n- nvme: fix implicit bool to flags conversion (git-fixes).\n- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).\n- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).\n- nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).\n- nvmet-fc: take tgtport refs for portentry (bsc#1245193).\n- nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).\n- nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).\n- nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).\n- nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).\n- nvmet-fcloop: drop response if targetport is gone (bsc#1245193).\n- nvmet-fcloop: prevent double port deletion (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).\n- nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).\n- nvmet-fcloop: remove nport from list on last user (bsc#1245193).\n- nvmet-fcloop: track ref counts for nports (bsc#1245193).\n- nvmet-fcloop: update refs on tfcp_req (bsc#1245193).\n- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).\n- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).\n- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).\n- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).\n- objtool: Fix error handling inconsistencies in check() (git-fixes).\n- objtool: Ignore dangling jump table entries (git-fixes).\n- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).\n- objtool: Properly disable uaccess validation (git-fixes).\n- objtool: Silence more KCOV warnings (git-fixes).\n- objtool: Silence more KCOV warnings, part 2 (git-fixes).\n- objtool: Stop UNRET validation on UD2 (git-fixes).\n- orangefs: Do not truncate file size (git-fixes).\n- pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).\n- page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).\n- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).\n- perf: Fix sample vs do_exit() (bsc#1246547).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).\n- pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \u0027unsigned int\u0027 instead of bare \u0027unsigned\u0027 (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).\n- pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).\n- pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).\n- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).\n- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).\n- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).\n- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).\n- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).\n- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).\n- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).\n- platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).\n- platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).\n- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).\n- platform/x86: dell_rbu: Fix list usage (git-fixes).\n- platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).\n- platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).\n- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).\n- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).\n- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- power: supply: bq27xxx: Retrieve again when busy (stable-fixes).\n- power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).\n- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).\n- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).\n- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).\n- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).\n- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).\n- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).\n- powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).\n- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).\n- powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).\n- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).\n- pstore: Change kmsg_bytes storage size to u32 (git-fixes).\n- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).\n- ptp: remove ptp-\u003en_vclocks check logic in ptp_vclock_in_use() (git-fixes).\n- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).\n- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).\n- r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).\n- regmap: fix potential memory leak of regmap_bus (git-fixes).\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).\n- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).\n- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).\n- resource: fix false warning in __request_region() (git-fixes).\n- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).\n- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).\n- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).\n- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.\n- rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725)\n- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879)\n- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)\n- rpm: Stop using is_kotd_qa macro \n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).\n- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).\n- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).\n- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).\n- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).\n- s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).\n- s390: Add z17 elf platform (LTC#214086 bsc#1245540).\n- samples: mei: Fix building on musl libc (git-fixes).\n- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).\n- scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).\n- scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).\n- scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).\n- scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).\n- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Modify end-of-life adapters\u0027 model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).\n- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: megaraid_sas: Fix invalid node index (git-fixes).\n- scsi: mpi3mr: Add level check to control event logging (git-fixes).\n- scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).\n- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).\n- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).\n- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).\n- scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).\n- scsi: st: ERASE does not change tape location (git-fixes).\n- scsi: st: Restore some drive settings after reset (git-fixes).\n- scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).\n- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).\n- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).\n- selftests/bpf: Change functions definitions to support GCC (git-fixes).\n- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).\n- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: imx: Restore original RXTL for console to fix data loss (git-fixes).\n- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).\n- serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).\n- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: QMI encoding/decoding for big endian (git-fixes).\n- soc: qcom: fix endianness for QMI header (git-fixes).\n- soc: qcom: pmic_glink: fix OF node leak (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- soundwire: amd: fix for clearing command status register (git-fixes).\n- soundwire: stream: restore params when prepare ports fail (git-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- staging: axis-fifo: remove sysfs interface (git-fixes).\n- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).\n- staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).\n- struct cdns: move new member to the end (git-fixes).\n- struct ucsi_operations: use padding for new operation (git-fixes).\n- struct usci: hide additional member (git-fixes).\n- sunrpc: do not immediately retransmit on seqno miss (git-fixes).\n- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).\n- supported.conf: add missing entries for armv7hl\n- supported.conf: move nvme-apple to optional again\n- supported.conf: sort entries again\n- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).\n- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).\n- tcp/dccp: complete lockless accesses to sk-\u003esk_max_ack_backlog (git-fixes).\n- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).\n- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).\n- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Do not double dequeue a configuration request (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).\n- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).\n- thunderbolt: Fix wake on connect at runtime (git-fixes).\n- timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)\n- timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)\n- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).\n- tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).\n- tracing: Add __print_dynamic_array() helper (bsc#1243544).\n- tracing: Add __string_len() example (bsc#1243544).\n- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).\n- tracing: Fix compilation warning on arm32 (bsc#1243551).\n- tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).\n- truct dwc3 hide new member wakeup_pending_funcs (git-fixes).\n- types: Complement the aligned types with signed 64-bit one (stable-fixes).\n- ucount: fix atomic_long_inc_below() argument type (git-fixes).\n- ucsi-glink: adapt to kABI consistency (git-fixes).\n- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).\n- ucsi_debugfs_entry: hide signedness change (git-fixes).\n- ucsi_operations: add stubs for all operations (git-fixes).\n- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).\n- udp: annotate data-races around up-\u003epending (git-fixes).\n- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).\n- udp: fix receiving fraglist GSO packets (git-fixes).\n- udp: preserve the connected status if only UDP cmsg (git-fixes).\n- uprobes: Use kzalloc to allocate xol area (git-fixes).\n- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).\n- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).\n- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).\n- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).\n- usb: cdnsp: do not disable slot for disabled slot (git-fixes).\n- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).\n- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).\n- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).\n- usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).\n- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).\n- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).\n- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).\n- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).\n- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).\n- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).\n- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).\n- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).\n- usb: musb: fix gadget state on disconnect (git-fixes).\n- usb: musb: omap2430: fix device leak at unbind (git-fixes).\n- usb: net: sierra: check for no status endpoint (git-fixes).\n- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).\n- usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).\n- usb: typec: Update sysfs when setting ops (git-fixes).\n- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).\n- usb: typec: displayport: Fix potential deadlock (git-fixes).\n- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).\n- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).\n- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).\n- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).\n- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).\n- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).\n- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).\n- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).\n- usb: typec: ucsi: Fix the partner PD revision (git-fixes).\n- usb: typec: ucsi: Get PD revision for partner (git-fixes).\n- usb: typec: ucsi: Only enable supported notifications (git-fixes).\n- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).\n- usb: typec: ucsi: Update power_supply on power role change (git-fixes).\n- usb: typec: ucsi: add callback for connector status updates (git-fixes).\n- usb: typec: ucsi: add update_connector callback (git-fixes).\n- usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).\n- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).\n- usb: typec: ucsi: extract code to read PD caps (git-fixes).\n- usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).\n- usb: typec: ucsi: fix UCSI on SM8550 \u0026 SM8650 Qualcomm devices (git-fixes).\n- usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).\n- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).\n- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).\n- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).\n- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).\n- usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).\n- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).\n- usb: typec: ucsi: properly register partner\u0027s PD device (git-fixes).\n- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).\n- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).\n- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).\n- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).\n- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).\n- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).\n- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).\n- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).\n- usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- virtgpu: do not reset on shutdown (git-fixes).\n- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).\n- vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).\n- vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).\n- vmxnet3: update MTU after device quiesce (bsc#1244626).\n- vt: add missing notification when switching back to text mode (stable-fixes).\n- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).\n- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: da9052_wdt: respect TWDMIN (stable-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).\n- watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).\n- watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).\n- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).\n- wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).\n- wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).\n- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).\n- wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).\n- wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).\n- wifi: ath11k: do not wait when there is no vdev started (git-fixes).\n- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).\n- wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).\n- wifi: ath11k: fix source ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).\n- wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).\n- wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).\n- wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath12k: fix a possible dead lock caused by ab-\u003ebase_lock (stable-fixes).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).\n- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).\n- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).\n- wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).\n- wifi: ath12k: fix incorrect CE addresses (stable-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).\n- wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath12k: fix source ring-buffer corruption (git-fixes).\n- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).\n- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).\n- wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).\n- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).\n- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: iwlwifi: pcie: make sure to lock rxq-\u003eread (stable-fixes).\n- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).\n- wifi: mac80211: Add link iteration macro for link data (stable-fixes).\n- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).\n- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).\n- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).\n- wifi: mac80211: VLAN traffic in multicast path (stable-fixes).\n- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).\n- wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).\n- wifi: mac80211: fix beacon interval calculation overflow (git-fixes).\n- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).\n- wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).\n- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).\n- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).\n- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).\n- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).\n- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).\n- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).\n- x86/mce/amd: Fix threshold limit reset (git-fixes).\n- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).\n- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).\n- x86/microcode/AMD: Add get_patch_level() (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).\n- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/microcode: Consolidate the loader enablement checking (git-fixes).\n- x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).\n- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).\n- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).\n- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).\n- x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).\n- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).\n- xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)\n- xen/x86: fix initial memory balloon target (git-fixes).\n- xfs: fix off-by-one error in fsmap\u0027s end_daddr usage (bsc#1235837).\n- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).\n- xfs: remove unused event xfs_alloc_near_error (git-fixes).\n- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).\n- xfs: remove unused event xfs_attr_node_removename (git-fixes).\n- xfs: remove unused event xfs_ioctl_clone (git-fixes).\n- xfs: remove unused event xfs_pagecache_inval (git-fixes).\n- xfs: remove unused event xlog_iclog_want_sync (git-fixes).\n- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).\n- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).\n- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).\n- xfs: remove unused xfs_attr events (git-fixes).\n- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).\n- xfs: remove usused xfs_end_io_direct events (git-fixes).\n- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).\n- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).\n- xhci: dbctty: disable ECHO flag by default (git-fixes).\n- xsk: always clear DMA mapping information when unmapping the pool (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2923,SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-2923",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02923-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02923-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502923-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02923-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041308.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1139073",
"url": "https://bugzilla.suse.com/1139073"
},
{
"category": "self",
"summary": "SUSE Bug 1204142",
"url": "https://bugzilla.suse.com/1204142"
},
{
"category": "self",
"summary": "SUSE Bug 1210025",
"url": "https://bugzilla.suse.com/1210025"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1219338",
"url": "https://bugzilla.suse.com/1219338"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223008",
"url": "https://bugzilla.suse.com/1223008"
},
{
"category": "self",
"summary": "SUSE Bug 1225707",
"url": "https://bugzilla.suse.com/1225707"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230216",
"url": "https://bugzilla.suse.com/1230216"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233300",
"url": "https://bugzilla.suse.com/1233300"
},
{
"category": "self",
"summary": "SUSE Bug 1235490",
"url": "https://bugzilla.suse.com/1235490"
},
{
"category": "self",
"summary": "SUSE Bug 1235613",
"url": "https://bugzilla.suse.com/1235613"
},
{
"category": "self",
"summary": "SUSE Bug 1235728",
"url": "https://bugzilla.suse.com/1235728"
},
{
"category": "self",
"summary": "SUSE Bug 1235837",
"url": "https://bugzilla.suse.com/1235837"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237913",
"url": "https://bugzilla.suse.com/1237913"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238859",
"url": "https://bugzilla.suse.com/1238859"
},
{
"category": "self",
"summary": "SUSE Bug 1238896",
"url": "https://bugzilla.suse.com/1238896"
},
{
"category": "self",
"summary": "SUSE Bug 1238982",
"url": "https://bugzilla.suse.com/1238982"
},
{
"category": "self",
"summary": "SUSE Bug 1239061",
"url": "https://bugzilla.suse.com/1239061"
},
{
"category": "self",
"summary": "SUSE Bug 1239470",
"url": "https://bugzilla.suse.com/1239470"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240180",
"url": "https://bugzilla.suse.com/1240180"
},
{
"category": "self",
"summary": "SUSE Bug 1240323",
"url": "https://bugzilla.suse.com/1240323"
},
{
"category": "self",
"summary": "SUSE Bug 1240577",
"url": "https://bugzilla.suse.com/1240577"
},
{
"category": "self",
"summary": "SUSE Bug 1240610",
"url": "https://bugzilla.suse.com/1240610"
},
{
"category": "self",
"summary": "SUSE Bug 1240686",
"url": "https://bugzilla.suse.com/1240686"
},
{
"category": "self",
"summary": "SUSE Bug 1240723",
"url": "https://bugzilla.suse.com/1240723"
},
{
"category": "self",
"summary": "SUSE Bug 1240814",
"url": "https://bugzilla.suse.com/1240814"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240885",
"url": "https://bugzilla.suse.com/1240885"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241278",
"url": "https://bugzilla.suse.com/1241278"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241345",
"url": "https://bugzilla.suse.com/1241345"
},
{
"category": "self",
"summary": "SUSE Bug 1241414",
"url": "https://bugzilla.suse.com/1241414"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241537",
"url": "https://bugzilla.suse.com/1241537"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241544",
"url": "https://bugzilla.suse.com/1241544"
},
{
"category": "self",
"summary": "SUSE Bug 1241572",
"url": "https://bugzilla.suse.com/1241572"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241592",
"url": "https://bugzilla.suse.com/1241592"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241617",
"url": "https://bugzilla.suse.com/1241617"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242086",
"url": "https://bugzilla.suse.com/1242086"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242515",
"url": "https://bugzilla.suse.com/1242515"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242521",
"url": "https://bugzilla.suse.com/1242521"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242573",
"url": "https://bugzilla.suse.com/1242573"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242725",
"url": "https://bugzilla.suse.com/1242725"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242837",
"url": "https://bugzilla.suse.com/1242837"
},
{
"category": "self",
"summary": "SUSE Bug 1242846",
"url": "https://bugzilla.suse.com/1242846"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242850",
"url": "https://bugzilla.suse.com/1242850"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242907",
"url": "https://bugzilla.suse.com/1242907"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242940",
"url": "https://bugzilla.suse.com/1242940"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242946",
"url": "https://bugzilla.suse.com/1242946"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242954",
"url": "https://bugzilla.suse.com/1242954"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242965",
"url": "https://bugzilla.suse.com/1242965"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242982",
"url": "https://bugzilla.suse.com/1242982"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243051",
"url": "https://bugzilla.suse.com/1243051"
},
{
"category": "self",
"summary": "SUSE Bug 1243060",
"url": "https://bugzilla.suse.com/1243060"
},
{
"category": "self",
"summary": "SUSE Bug 1243068",
"url": "https://bugzilla.suse.com/1243068"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243100",
"url": "https://bugzilla.suse.com/1243100"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243467",
"url": "https://bugzilla.suse.com/1243467"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243475",
"url": "https://bugzilla.suse.com/1243475"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243479",
"url": "https://bugzilla.suse.com/1243479"
},
{
"category": "self",
"summary": "SUSE Bug 1243480",
"url": "https://bugzilla.suse.com/1243480"
},
{
"category": "self",
"summary": "SUSE Bug 1243506",
"url": "https://bugzilla.suse.com/1243506"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243523",
"url": "https://bugzilla.suse.com/1243523"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243537",
"url": "https://bugzilla.suse.com/1243537"
},
{
"category": "self",
"summary": "SUSE Bug 1243538",
"url": "https://bugzilla.suse.com/1243538"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243542",
"url": "https://bugzilla.suse.com/1243542"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243544",
"url": "https://bugzilla.suse.com/1243544"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243551",
"url": "https://bugzilla.suse.com/1243551"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243571",
"url": "https://bugzilla.suse.com/1243571"
},
{
"category": "self",
"summary": "SUSE Bug 1243572",
"url": "https://bugzilla.suse.com/1243572"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243620",
"url": "https://bugzilla.suse.com/1243620"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243628",
"url": "https://bugzilla.suse.com/1243628"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243669",
"url": "https://bugzilla.suse.com/1243669"
},
{
"category": "self",
"summary": "SUSE Bug 1243698",
"url": "https://bugzilla.suse.com/1243698"
},
{
"category": "self",
"summary": "SUSE Bug 1243774",
"url": "https://bugzilla.suse.com/1243774"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243806",
"url": "https://bugzilla.suse.com/1243806"
},
{
"category": "self",
"summary": "SUSE Bug 1243823",
"url": "https://bugzilla.suse.com/1243823"
},
{
"category": "self",
"summary": "SUSE Bug 1243827",
"url": "https://bugzilla.suse.com/1243827"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1243836",
"url": "https://bugzilla.suse.com/1243836"
},
{
"category": "self",
"summary": "SUSE Bug 1243847",
"url": "https://bugzilla.suse.com/1243847"
},
{
"category": "self",
"summary": "SUSE Bug 1244100",
"url": "https://bugzilla.suse.com/1244100"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244172",
"url": "https://bugzilla.suse.com/1244172"
},
{
"category": "self",
"summary": "SUSE Bug 1244176",
"url": "https://bugzilla.suse.com/1244176"
},
{
"category": "self",
"summary": "SUSE Bug 1244229",
"url": "https://bugzilla.suse.com/1244229"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE Bug 1244274",
"url": "https://bugzilla.suse.com/1244274"
},
{
"category": "self",
"summary": "SUSE Bug 1244275",
"url": "https://bugzilla.suse.com/1244275"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244313",
"url": "https://bugzilla.suse.com/1244313"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244457",
"url": "https://bugzilla.suse.com/1244457"
},
{
"category": "self",
"summary": "SUSE Bug 1244626",
"url": "https://bugzilla.suse.com/1244626"
},
{
"category": "self",
"summary": "SUSE Bug 1244725",
"url": "https://bugzilla.suse.com/1244725"
},
{
"category": "self",
"summary": "SUSE Bug 1244727",
"url": "https://bugzilla.suse.com/1244727"
},
{
"category": "self",
"summary": "SUSE Bug 1244729",
"url": "https://bugzilla.suse.com/1244729"
},
{
"category": "self",
"summary": "SUSE Bug 1244731",
"url": "https://bugzilla.suse.com/1244731"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1244735",
"url": "https://bugzilla.suse.com/1244735"
},
{
"category": "self",
"summary": "SUSE Bug 1244736",
"url": "https://bugzilla.suse.com/1244736"
},
{
"category": "self",
"summary": "SUSE Bug 1244737",
"url": "https://bugzilla.suse.com/1244737"
},
{
"category": "self",
"summary": "SUSE Bug 1244738",
"url": "https://bugzilla.suse.com/1244738"
},
{
"category": "self",
"summary": "SUSE Bug 1244739",
"url": "https://bugzilla.suse.com/1244739"
},
{
"category": "self",
"summary": "SUSE Bug 1244743",
"url": "https://bugzilla.suse.com/1244743"
},
{
"category": "self",
"summary": "SUSE Bug 1244746",
"url": "https://bugzilla.suse.com/1244746"
},
{
"category": "self",
"summary": "SUSE Bug 1244749",
"url": "https://bugzilla.suse.com/1244749"
},
{
"category": "self",
"summary": "SUSE Bug 1244750",
"url": "https://bugzilla.suse.com/1244750"
},
{
"category": "self",
"summary": "SUSE Bug 1244759",
"url": "https://bugzilla.suse.com/1244759"
},
{
"category": "self",
"summary": "SUSE Bug 1244789",
"url": "https://bugzilla.suse.com/1244789"
},
{
"category": "self",
"summary": "SUSE Bug 1244792",
"url": "https://bugzilla.suse.com/1244792"
},
{
"category": "self",
"summary": "SUSE Bug 1244801",
"url": "https://bugzilla.suse.com/1244801"
},
{
"category": "self",
"summary": "SUSE Bug 1244862",
"url": "https://bugzilla.suse.com/1244862"
},
{
"category": "self",
"summary": "SUSE Bug 1244906",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "self",
"summary": "SUSE Bug 1244938",
"url": "https://bugzilla.suse.com/1244938"
},
{
"category": "self",
"summary": "SUSE Bug 1244995",
"url": "https://bugzilla.suse.com/1244995"
},
{
"category": "self",
"summary": "SUSE Bug 1244996",
"url": "https://bugzilla.suse.com/1244996"
},
{
"category": "self",
"summary": "SUSE Bug 1244999",
"url": "https://bugzilla.suse.com/1244999"
},
{
"category": "self",
"summary": "SUSE Bug 1245001",
"url": "https://bugzilla.suse.com/1245001"
},
{
"category": "self",
"summary": "SUSE Bug 1245003",
"url": "https://bugzilla.suse.com/1245003"
},
{
"category": "self",
"summary": "SUSE Bug 1245004",
"url": "https://bugzilla.suse.com/1245004"
},
{
"category": "self",
"summary": "SUSE Bug 1245025",
"url": "https://bugzilla.suse.com/1245025"
},
{
"category": "self",
"summary": "SUSE Bug 1245042",
"url": "https://bugzilla.suse.com/1245042"
},
{
"category": "self",
"summary": "SUSE Bug 1245046",
"url": "https://bugzilla.suse.com/1245046"
},
{
"category": "self",
"summary": "SUSE Bug 1245078",
"url": "https://bugzilla.suse.com/1245078"
},
{
"category": "self",
"summary": "SUSE Bug 1245081",
"url": "https://bugzilla.suse.com/1245081"
},
{
"category": "self",
"summary": "SUSE Bug 1245082",
"url": "https://bugzilla.suse.com/1245082"
},
{
"category": "self",
"summary": "SUSE Bug 1245083",
"url": "https://bugzilla.suse.com/1245083"
},
{
"category": "self",
"summary": "SUSE Bug 1245151",
"url": "https://bugzilla.suse.com/1245151"
},
{
"category": "self",
"summary": "SUSE Bug 1245155",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245193",
"url": "https://bugzilla.suse.com/1245193"
},
{
"category": "self",
"summary": "SUSE Bug 1245201",
"url": "https://bugzilla.suse.com/1245201"
},
{
"category": "self",
"summary": "SUSE Bug 1245202",
"url": "https://bugzilla.suse.com/1245202"
},
{
"category": "self",
"summary": "SUSE Bug 1245210",
"url": "https://bugzilla.suse.com/1245210"
},
{
"category": "self",
"summary": "SUSE Bug 1245216",
"url": "https://bugzilla.suse.com/1245216"
},
{
"category": "self",
"summary": "SUSE Bug 1245217",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "self",
"summary": "SUSE Bug 1245225",
"url": "https://bugzilla.suse.com/1245225"
},
{
"category": "self",
"summary": "SUSE Bug 1245226",
"url": "https://bugzilla.suse.com/1245226"
},
{
"category": "self",
"summary": "SUSE Bug 1245228",
"url": "https://bugzilla.suse.com/1245228"
},
{
"category": "self",
"summary": "SUSE Bug 1245260",
"url": "https://bugzilla.suse.com/1245260"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245440",
"url": "https://bugzilla.suse.com/1245440"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE Bug 1245457",
"url": "https://bugzilla.suse.com/1245457"
},
{
"category": "self",
"summary": "SUSE Bug 1245498",
"url": "https://bugzilla.suse.com/1245498"
},
{
"category": "self",
"summary": "SUSE Bug 1245499",
"url": "https://bugzilla.suse.com/1245499"
},
{
"category": "self",
"summary": "SUSE Bug 1245504",
"url": "https://bugzilla.suse.com/1245504"
},
{
"category": "self",
"summary": "SUSE Bug 1245506",
"url": "https://bugzilla.suse.com/1245506"
},
{
"category": "self",
"summary": "SUSE Bug 1245508",
"url": "https://bugzilla.suse.com/1245508"
},
{
"category": "self",
"summary": "SUSE Bug 1245510",
"url": "https://bugzilla.suse.com/1245510"
},
{
"category": "self",
"summary": "SUSE Bug 1245540",
"url": "https://bugzilla.suse.com/1245540"
},
{
"category": "self",
"summary": "SUSE Bug 1245598",
"url": "https://bugzilla.suse.com/1245598"
},
{
"category": "self",
"summary": "SUSE Bug 1245599",
"url": "https://bugzilla.suse.com/1245599"
},
{
"category": "self",
"summary": "SUSE Bug 1245646",
"url": "https://bugzilla.suse.com/1245646"
},
{
"category": "self",
"summary": "SUSE Bug 1245647",
"url": "https://bugzilla.suse.com/1245647"
},
{
"category": "self",
"summary": "SUSE Bug 1245649",
"url": "https://bugzilla.suse.com/1245649"
},
{
"category": "self",
"summary": "SUSE Bug 1245650",
"url": "https://bugzilla.suse.com/1245650"
},
{
"category": "self",
"summary": "SUSE Bug 1245654",
"url": "https://bugzilla.suse.com/1245654"
},
{
"category": "self",
"summary": "SUSE Bug 1245658",
"url": "https://bugzilla.suse.com/1245658"
},
{
"category": "self",
"summary": "SUSE Bug 1245660",
"url": "https://bugzilla.suse.com/1245660"
},
{
"category": "self",
"summary": "SUSE Bug 1245665",
"url": "https://bugzilla.suse.com/1245665"
},
{
"category": "self",
"summary": "SUSE Bug 1245666",
"url": "https://bugzilla.suse.com/1245666"
},
{
"category": "self",
"summary": "SUSE Bug 1245668",
"url": "https://bugzilla.suse.com/1245668"
},
{
"category": "self",
"summary": "SUSE Bug 1245669",
"url": "https://bugzilla.suse.com/1245669"
},
{
"category": "self",
"summary": "SUSE Bug 1245670",
"url": "https://bugzilla.suse.com/1245670"
},
{
"category": "self",
"summary": "SUSE Bug 1245671",
"url": "https://bugzilla.suse.com/1245671"
},
{
"category": "self",
"summary": "SUSE Bug 1245675",
"url": "https://bugzilla.suse.com/1245675"
},
{
"category": "self",
"summary": "SUSE Bug 1245676",
"url": "https://bugzilla.suse.com/1245676"
},
{
"category": "self",
"summary": "SUSE Bug 1245677",
"url": "https://bugzilla.suse.com/1245677"
},
{
"category": "self",
"summary": "SUSE Bug 1245679",
"url": "https://bugzilla.suse.com/1245679"
},
{
"category": "self",
"summary": "SUSE Bug 1245682",
"url": "https://bugzilla.suse.com/1245682"
},
{
"category": "self",
"summary": "SUSE Bug 1245683",
"url": "https://bugzilla.suse.com/1245683"
},
{
"category": "self",
"summary": "SUSE Bug 1245684",
"url": "https://bugzilla.suse.com/1245684"
},
{
"category": "self",
"summary": "SUSE Bug 1245688",
"url": "https://bugzilla.suse.com/1245688"
},
{
"category": "self",
"summary": "SUSE Bug 1245689",
"url": "https://bugzilla.suse.com/1245689"
},
{
"category": "self",
"summary": "SUSE Bug 1245690",
"url": "https://bugzilla.suse.com/1245690"
},
{
"category": "self",
"summary": "SUSE Bug 1245691",
"url": "https://bugzilla.suse.com/1245691"
},
{
"category": "self",
"summary": "SUSE Bug 1245695",
"url": "https://bugzilla.suse.com/1245695"
},
{
"category": "self",
"summary": "SUSE Bug 1245705",
"url": "https://bugzilla.suse.com/1245705"
},
{
"category": "self",
"summary": "SUSE Bug 1245708",
"url": "https://bugzilla.suse.com/1245708"
},
{
"category": "self",
"summary": "SUSE Bug 1245711",
"url": "https://bugzilla.suse.com/1245711"
},
{
"category": "self",
"summary": "SUSE Bug 1245713",
"url": "https://bugzilla.suse.com/1245713"
},
{
"category": "self",
"summary": "SUSE Bug 1245714",
"url": "https://bugzilla.suse.com/1245714"
},
{
"category": "self",
"summary": "SUSE Bug 1245719",
"url": "https://bugzilla.suse.com/1245719"
},
{
"category": "self",
"summary": "SUSE Bug 1245723",
"url": "https://bugzilla.suse.com/1245723"
},
{
"category": "self",
"summary": "SUSE Bug 1245729",
"url": "https://bugzilla.suse.com/1245729"
},
{
"category": "self",
"summary": "SUSE Bug 1245730",
"url": "https://bugzilla.suse.com/1245730"
},
{
"category": "self",
"summary": "SUSE Bug 1245731",
"url": "https://bugzilla.suse.com/1245731"
},
{
"category": "self",
"summary": "SUSE Bug 1245735",
"url": "https://bugzilla.suse.com/1245735"
},
{
"category": "self",
"summary": "SUSE Bug 1245737",
"url": "https://bugzilla.suse.com/1245737"
},
{
"category": "self",
"summary": "SUSE Bug 1245744",
"url": "https://bugzilla.suse.com/1245744"
},
{
"category": "self",
"summary": "SUSE Bug 1245745",
"url": "https://bugzilla.suse.com/1245745"
},
{
"category": "self",
"summary": "SUSE Bug 1245746",
"url": "https://bugzilla.suse.com/1245746"
},
{
"category": "self",
"summary": "SUSE Bug 1245747",
"url": "https://bugzilla.suse.com/1245747"
},
{
"category": "self",
"summary": "SUSE Bug 1245748",
"url": "https://bugzilla.suse.com/1245748"
},
{
"category": "self",
"summary": "SUSE Bug 1245749",
"url": "https://bugzilla.suse.com/1245749"
},
{
"category": "self",
"summary": "SUSE Bug 1245750",
"url": "https://bugzilla.suse.com/1245750"
},
{
"category": "self",
"summary": "SUSE Bug 1245751",
"url": "https://bugzilla.suse.com/1245751"
},
{
"category": "self",
"summary": "SUSE Bug 1245752",
"url": "https://bugzilla.suse.com/1245752"
},
{
"category": "self",
"summary": "SUSE Bug 1245757",
"url": "https://bugzilla.suse.com/1245757"
},
{
"category": "self",
"summary": "SUSE Bug 1245758",
"url": "https://bugzilla.suse.com/1245758"
},
{
"category": "self",
"summary": "SUSE Bug 1245765",
"url": "https://bugzilla.suse.com/1245765"
},
{
"category": "self",
"summary": "SUSE Bug 1245768",
"url": "https://bugzilla.suse.com/1245768"
},
{
"category": "self",
"summary": "SUSE Bug 1245769",
"url": "https://bugzilla.suse.com/1245769"
},
{
"category": "self",
"summary": "SUSE Bug 1245777",
"url": "https://bugzilla.suse.com/1245777"
},
{
"category": "self",
"summary": "SUSE Bug 1245781",
"url": "https://bugzilla.suse.com/1245781"
},
{
"category": "self",
"summary": "SUSE Bug 1245789",
"url": "https://bugzilla.suse.com/1245789"
},
{
"category": "self",
"summary": "SUSE Bug 1245937",
"url": "https://bugzilla.suse.com/1245937"
},
{
"category": "self",
"summary": "SUSE Bug 1245945",
"url": "https://bugzilla.suse.com/1245945"
},
{
"category": "self",
"summary": "SUSE Bug 1245951",
"url": "https://bugzilla.suse.com/1245951"
},
{
"category": "self",
"summary": "SUSE Bug 1245952",
"url": "https://bugzilla.suse.com/1245952"
},
{
"category": "self",
"summary": "SUSE Bug 1245954",
"url": "https://bugzilla.suse.com/1245954"
},
{
"category": "self",
"summary": "SUSE Bug 1245957",
"url": "https://bugzilla.suse.com/1245957"
},
{
"category": "self",
"summary": "SUSE Bug 1245966",
"url": "https://bugzilla.suse.com/1245966"
},
{
"category": "self",
"summary": "SUSE Bug 1245970",
"url": "https://bugzilla.suse.com/1245970"
},
{
"category": "self",
"summary": "SUSE Bug 1245976",
"url": "https://bugzilla.suse.com/1245976"
},
{
"category": "self",
"summary": "SUSE Bug 1245980",
"url": "https://bugzilla.suse.com/1245980"
},
{
"category": "self",
"summary": "SUSE Bug 1245983",
"url": "https://bugzilla.suse.com/1245983"
},
{
"category": "self",
"summary": "SUSE Bug 1245986",
"url": "https://bugzilla.suse.com/1245986"
},
{
"category": "self",
"summary": "SUSE Bug 1246000",
"url": "https://bugzilla.suse.com/1246000"
},
{
"category": "self",
"summary": "SUSE Bug 1246002",
"url": "https://bugzilla.suse.com/1246002"
},
{
"category": "self",
"summary": "SUSE Bug 1246006",
"url": "https://bugzilla.suse.com/1246006"
},
{
"category": "self",
"summary": "SUSE Bug 1246008",
"url": "https://bugzilla.suse.com/1246008"
},
{
"category": "self",
"summary": "SUSE Bug 1246020",
"url": "https://bugzilla.suse.com/1246020"
},
{
"category": "self",
"summary": "SUSE Bug 1246023",
"url": "https://bugzilla.suse.com/1246023"
},
{
"category": "self",
"summary": "SUSE Bug 1246029",
"url": "https://bugzilla.suse.com/1246029"
},
{
"category": "self",
"summary": "SUSE Bug 1246031",
"url": "https://bugzilla.suse.com/1246031"
},
{
"category": "self",
"summary": "SUSE Bug 1246037",
"url": "https://bugzilla.suse.com/1246037"
},
{
"category": "self",
"summary": "SUSE Bug 1246041",
"url": "https://bugzilla.suse.com/1246041"
},
{
"category": "self",
"summary": "SUSE Bug 1246042",
"url": "https://bugzilla.suse.com/1246042"
},
{
"category": "self",
"summary": "SUSE Bug 1246044",
"url": "https://bugzilla.suse.com/1246044"
},
{
"category": "self",
"summary": "SUSE Bug 1246045",
"url": "https://bugzilla.suse.com/1246045"
},
{
"category": "self",
"summary": "SUSE Bug 1246047",
"url": "https://bugzilla.suse.com/1246047"
},
{
"category": "self",
"summary": "SUSE Bug 1246049",
"url": "https://bugzilla.suse.com/1246049"
},
{
"category": "self",
"summary": "SUSE Bug 1246050",
"url": "https://bugzilla.suse.com/1246050"
},
{
"category": "self",
"summary": "SUSE Bug 1246055",
"url": "https://bugzilla.suse.com/1246055"
},
{
"category": "self",
"summary": "SUSE Bug 1246073",
"url": "https://bugzilla.suse.com/1246073"
},
{
"category": "self",
"summary": "SUSE Bug 1246093",
"url": "https://bugzilla.suse.com/1246093"
},
{
"category": "self",
"summary": "SUSE Bug 1246098",
"url": "https://bugzilla.suse.com/1246098"
},
{
"category": "self",
"summary": "SUSE Bug 1246109",
"url": "https://bugzilla.suse.com/1246109"
},
{
"category": "self",
"summary": "SUSE Bug 1246122",
"url": "https://bugzilla.suse.com/1246122"
},
{
"category": "self",
"summary": "SUSE Bug 1246125",
"url": "https://bugzilla.suse.com/1246125"
},
{
"category": "self",
"summary": "SUSE Bug 1246171",
"url": "https://bugzilla.suse.com/1246171"
},
{
"category": "self",
"summary": "SUSE Bug 1246173",
"url": "https://bugzilla.suse.com/1246173"
},
{
"category": "self",
"summary": "SUSE Bug 1246178",
"url": "https://bugzilla.suse.com/1246178"
},
{
"category": "self",
"summary": "SUSE Bug 1246182",
"url": "https://bugzilla.suse.com/1246182"
},
{
"category": "self",
"summary": "SUSE Bug 1246183",
"url": "https://bugzilla.suse.com/1246183"
},
{
"category": "self",
"summary": "SUSE Bug 1246186",
"url": "https://bugzilla.suse.com/1246186"
},
{
"category": "self",
"summary": "SUSE Bug 1246195",
"url": "https://bugzilla.suse.com/1246195"
},
{
"category": "self",
"summary": "SUSE Bug 1246203",
"url": "https://bugzilla.suse.com/1246203"
},
{
"category": "self",
"summary": "SUSE Bug 1246212",
"url": "https://bugzilla.suse.com/1246212"
},
{
"category": "self",
"summary": "SUSE Bug 1246220",
"url": "https://bugzilla.suse.com/1246220"
},
{
"category": "self",
"summary": "SUSE Bug 1246236",
"url": "https://bugzilla.suse.com/1246236"
},
{
"category": "self",
"summary": "SUSE Bug 1246240",
"url": "https://bugzilla.suse.com/1246240"
},
{
"category": "self",
"summary": "SUSE Bug 1246243",
"url": "https://bugzilla.suse.com/1246243"
},
{
"category": "self",
"summary": "SUSE Bug 1246246",
"url": "https://bugzilla.suse.com/1246246"
},
{
"category": "self",
"summary": "SUSE Bug 1246249",
"url": "https://bugzilla.suse.com/1246249"
},
{
"category": "self",
"summary": "SUSE Bug 1246250",
"url": "https://bugzilla.suse.com/1246250"
},
{
"category": "self",
"summary": "SUSE Bug 1246253",
"url": "https://bugzilla.suse.com/1246253"
},
{
"category": "self",
"summary": "SUSE Bug 1246258",
"url": "https://bugzilla.suse.com/1246258"
},
{
"category": "self",
"summary": "SUSE Bug 1246262",
"url": "https://bugzilla.suse.com/1246262"
},
{
"category": "self",
"summary": "SUSE Bug 1246264",
"url": "https://bugzilla.suse.com/1246264"
},
{
"category": "self",
"summary": "SUSE Bug 1246266",
"url": "https://bugzilla.suse.com/1246266"
},
{
"category": "self",
"summary": "SUSE Bug 1246268",
"url": "https://bugzilla.suse.com/1246268"
},
{
"category": "self",
"summary": "SUSE Bug 1246273",
"url": "https://bugzilla.suse.com/1246273"
},
{
"category": "self",
"summary": "SUSE Bug 1246283",
"url": "https://bugzilla.suse.com/1246283"
},
{
"category": "self",
"summary": "SUSE Bug 1246287",
"url": "https://bugzilla.suse.com/1246287"
},
{
"category": "self",
"summary": "SUSE Bug 1246292",
"url": "https://bugzilla.suse.com/1246292"
},
{
"category": "self",
"summary": "SUSE Bug 1246293",
"url": "https://bugzilla.suse.com/1246293"
},
{
"category": "self",
"summary": "SUSE Bug 1246295",
"url": "https://bugzilla.suse.com/1246295"
},
{
"category": "self",
"summary": "SUSE Bug 1246334",
"url": "https://bugzilla.suse.com/1246334"
},
{
"category": "self",
"summary": "SUSE Bug 1246337",
"url": "https://bugzilla.suse.com/1246337"
},
{
"category": "self",
"summary": "SUSE Bug 1246342",
"url": "https://bugzilla.suse.com/1246342"
},
{
"category": "self",
"summary": "SUSE Bug 1246349",
"url": "https://bugzilla.suse.com/1246349"
},
{
"category": "self",
"summary": "SUSE Bug 1246354",
"url": "https://bugzilla.suse.com/1246354"
},
{
"category": "self",
"summary": "SUSE Bug 1246358",
"url": "https://bugzilla.suse.com/1246358"
},
{
"category": "self",
"summary": "SUSE Bug 1246361",
"url": "https://bugzilla.suse.com/1246361"
},
{
"category": "self",
"summary": "SUSE Bug 1246364",
"url": "https://bugzilla.suse.com/1246364"
},
{
"category": "self",
"summary": "SUSE Bug 1246370",
"url": "https://bugzilla.suse.com/1246370"
},
{
"category": "self",
"summary": "SUSE Bug 1246375",
"url": "https://bugzilla.suse.com/1246375"
},
{
"category": "self",
"summary": "SUSE Bug 1246384",
"url": "https://bugzilla.suse.com/1246384"
},
{
"category": "self",
"summary": "SUSE Bug 1246386",
"url": "https://bugzilla.suse.com/1246386"
},
{
"category": "self",
"summary": "SUSE Bug 1246387",
"url": "https://bugzilla.suse.com/1246387"
},
{
"category": "self",
"summary": "SUSE Bug 1246438",
"url": "https://bugzilla.suse.com/1246438"
},
{
"category": "self",
"summary": "SUSE Bug 1246453",
"url": "https://bugzilla.suse.com/1246453"
},
{
"category": "self",
"summary": "SUSE Bug 1246473",
"url": "https://bugzilla.suse.com/1246473"
},
{
"category": "self",
"summary": "SUSE Bug 1246490",
"url": "https://bugzilla.suse.com/1246490"
},
{
"category": "self",
"summary": "SUSE Bug 1246506",
"url": "https://bugzilla.suse.com/1246506"
},
{
"category": "self",
"summary": "SUSE Bug 1246547",
"url": "https://bugzilla.suse.com/1246547"
},
{
"category": "self",
"summary": "SUSE Bug 1246777",
"url": "https://bugzilla.suse.com/1246777"
},
{
"category": "self",
"summary": "SUSE Bug 1246781",
"url": "https://bugzilla.suse.com/1246781"
},
{
"category": "self",
"summary": "SUSE Bug 1246870",
"url": "https://bugzilla.suse.com/1246870"
},
{
"category": "self",
"summary": "SUSE Bug 1246879",
"url": "https://bugzilla.suse.com/1246879"
},
{
"category": "self",
"summary": "SUSE Bug 1246911",
"url": "https://bugzilla.suse.com/1246911"
},
{
"category": "self",
"summary": "SUSE Bug 1247018",
"url": "https://bugzilla.suse.com/1247018"
},
{
"category": "self",
"summary": "SUSE Bug 1247023",
"url": "https://bugzilla.suse.com/1247023"
},
{
"category": "self",
"summary": "SUSE Bug 1247028",
"url": "https://bugzilla.suse.com/1247028"
},
{
"category": "self",
"summary": "SUSE Bug 1247031",
"url": "https://bugzilla.suse.com/1247031"
},
{
"category": "self",
"summary": "SUSE Bug 1247033",
"url": "https://bugzilla.suse.com/1247033"
},
{
"category": "self",
"summary": "SUSE Bug 1247035",
"url": "https://bugzilla.suse.com/1247035"
},
{
"category": "self",
"summary": "SUSE Bug 1247061",
"url": "https://bugzilla.suse.com/1247061"
},
{
"category": "self",
"summary": "SUSE Bug 1247089",
"url": "https://bugzilla.suse.com/1247089"
},
{
"category": "self",
"summary": "SUSE Bug 1247091",
"url": "https://bugzilla.suse.com/1247091"
},
{
"category": "self",
"summary": "SUSE Bug 1247097",
"url": "https://bugzilla.suse.com/1247097"
},
{
"category": "self",
"summary": "SUSE Bug 1247098",
"url": "https://bugzilla.suse.com/1247098"
},
{
"category": "self",
"summary": "SUSE Bug 1247101",
"url": "https://bugzilla.suse.com/1247101"
},
{
"category": "self",
"summary": "SUSE Bug 1247103",
"url": "https://bugzilla.suse.com/1247103"
},
{
"category": "self",
"summary": "SUSE Bug 1247104",
"url": "https://bugzilla.suse.com/1247104"
},
{
"category": "self",
"summary": "SUSE Bug 1247113",
"url": "https://bugzilla.suse.com/1247113"
},
{
"category": "self",
"summary": "SUSE Bug 1247118",
"url": "https://bugzilla.suse.com/1247118"
},
{
"category": "self",
"summary": "SUSE Bug 1247123",
"url": "https://bugzilla.suse.com/1247123"
},
{
"category": "self",
"summary": "SUSE Bug 1247125",
"url": "https://bugzilla.suse.com/1247125"
},
{
"category": "self",
"summary": "SUSE Bug 1247128",
"url": "https://bugzilla.suse.com/1247128"
},
{
"category": "self",
"summary": "SUSE Bug 1247132",
"url": "https://bugzilla.suse.com/1247132"
},
{
"category": "self",
"summary": "SUSE Bug 1247138",
"url": "https://bugzilla.suse.com/1247138"
},
{
"category": "self",
"summary": "SUSE Bug 1247141",
"url": "https://bugzilla.suse.com/1247141"
},
{
"category": "self",
"summary": "SUSE Bug 1247143",
"url": "https://bugzilla.suse.com/1247143"
},
{
"category": "self",
"summary": "SUSE Bug 1247145",
"url": "https://bugzilla.suse.com/1247145"
},
{
"category": "self",
"summary": "SUSE Bug 1247146",
"url": "https://bugzilla.suse.com/1247146"
},
{
"category": "self",
"summary": "SUSE Bug 1247147",
"url": "https://bugzilla.suse.com/1247147"
},
{
"category": "self",
"summary": "SUSE Bug 1247149",
"url": "https://bugzilla.suse.com/1247149"
},
{
"category": "self",
"summary": "SUSE Bug 1247150",
"url": "https://bugzilla.suse.com/1247150"
},
{
"category": "self",
"summary": "SUSE Bug 1247151",
"url": "https://bugzilla.suse.com/1247151"
},
{
"category": "self",
"summary": "SUSE Bug 1247153",
"url": "https://bugzilla.suse.com/1247153"
},
{
"category": "self",
"summary": "SUSE Bug 1247154",
"url": "https://bugzilla.suse.com/1247154"
},
{
"category": "self",
"summary": "SUSE Bug 1247156",
"url": "https://bugzilla.suse.com/1247156"
},
{
"category": "self",
"summary": "SUSE Bug 1247160",
"url": "https://bugzilla.suse.com/1247160"
},
{
"category": "self",
"summary": "SUSE Bug 1247164",
"url": "https://bugzilla.suse.com/1247164"
},
{
"category": "self",
"summary": "SUSE Bug 1247169",
"url": "https://bugzilla.suse.com/1247169"
},
{
"category": "self",
"summary": "SUSE Bug 1247170",
"url": "https://bugzilla.suse.com/1247170"
},
{
"category": "self",
"summary": "SUSE Bug 1247171",
"url": "https://bugzilla.suse.com/1247171"
},
{
"category": "self",
"summary": "SUSE Bug 1247172",
"url": "https://bugzilla.suse.com/1247172"
},
{
"category": "self",
"summary": "SUSE Bug 1247174",
"url": "https://bugzilla.suse.com/1247174"
},
{
"category": "self",
"summary": "SUSE Bug 1247176",
"url": "https://bugzilla.suse.com/1247176"
},
{
"category": "self",
"summary": "SUSE Bug 1247177",
"url": "https://bugzilla.suse.com/1247177"
},
{
"category": "self",
"summary": "SUSE Bug 1247178",
"url": "https://bugzilla.suse.com/1247178"
},
{
"category": "self",
"summary": "SUSE Bug 1247181",
"url": "https://bugzilla.suse.com/1247181"
},
{
"category": "self",
"summary": "SUSE Bug 1247209",
"url": "https://bugzilla.suse.com/1247209"
},
{
"category": "self",
"summary": "SUSE Bug 1247210",
"url": "https://bugzilla.suse.com/1247210"
},
{
"category": "self",
"summary": "SUSE Bug 1247227",
"url": "https://bugzilla.suse.com/1247227"
},
{
"category": "self",
"summary": "SUSE Bug 1247233",
"url": "https://bugzilla.suse.com/1247233"
},
{
"category": "self",
"summary": "SUSE Bug 1247236",
"url": "https://bugzilla.suse.com/1247236"
},
{
"category": "self",
"summary": "SUSE Bug 1247238",
"url": "https://bugzilla.suse.com/1247238"
},
{
"category": "self",
"summary": "SUSE Bug 1247241",
"url": "https://bugzilla.suse.com/1247241"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247251",
"url": "https://bugzilla.suse.com/1247251"
},
{
"category": "self",
"summary": "SUSE Bug 1247252",
"url": "https://bugzilla.suse.com/1247252"
},
{
"category": "self",
"summary": "SUSE Bug 1247253",
"url": "https://bugzilla.suse.com/1247253"
},
{
"category": "self",
"summary": "SUSE Bug 1247255",
"url": "https://bugzilla.suse.com/1247255"
},
{
"category": "self",
"summary": "SUSE Bug 1247271",
"url": "https://bugzilla.suse.com/1247271"
},
{
"category": "self",
"summary": "SUSE Bug 1247273",
"url": "https://bugzilla.suse.com/1247273"
},
{
"category": "self",
"summary": "SUSE Bug 1247274",
"url": "https://bugzilla.suse.com/1247274"
},
{
"category": "self",
"summary": "SUSE Bug 1247276",
"url": "https://bugzilla.suse.com/1247276"
},
{
"category": "self",
"summary": "SUSE Bug 1247277",
"url": "https://bugzilla.suse.com/1247277"
},
{
"category": "self",
"summary": "SUSE Bug 1247278",
"url": "https://bugzilla.suse.com/1247278"
},
{
"category": "self",
"summary": "SUSE Bug 1247279",
"url": "https://bugzilla.suse.com/1247279"
},
{
"category": "self",
"summary": "SUSE Bug 1247284",
"url": "https://bugzilla.suse.com/1247284"
},
{
"category": "self",
"summary": "SUSE Bug 1247285",
"url": "https://bugzilla.suse.com/1247285"
},
{
"category": "self",
"summary": "SUSE Bug 1247288",
"url": "https://bugzilla.suse.com/1247288"
},
{
"category": "self",
"summary": "SUSE Bug 1247289",
"url": "https://bugzilla.suse.com/1247289"
},
{
"category": "self",
"summary": "SUSE Bug 1247293",
"url": "https://bugzilla.suse.com/1247293"
},
{
"category": "self",
"summary": "SUSE Bug 1247311",
"url": "https://bugzilla.suse.com/1247311"
},
{
"category": "self",
"summary": "SUSE Bug 1247314",
"url": "https://bugzilla.suse.com/1247314"
},
{
"category": "self",
"summary": "SUSE Bug 1247317",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "self",
"summary": "SUSE Bug 1247347",
"url": "https://bugzilla.suse.com/1247347"
},
{
"category": "self",
"summary": "SUSE Bug 1247348",
"url": "https://bugzilla.suse.com/1247348"
},
{
"category": "self",
"summary": "SUSE Bug 1247349",
"url": "https://bugzilla.suse.com/1247349"
},
{
"category": "self",
"summary": "SUSE Bug 1247374",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "self",
"summary": "SUSE Bug 1247437",
"url": "https://bugzilla.suse.com/1247437"
},
{
"category": "self",
"summary": "SUSE Bug 1247450",
"url": "https://bugzilla.suse.com/1247450"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11135 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36028 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36348 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36349 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36350 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36357 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56613 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56699 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56742 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58053 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21658 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21868 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21898 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21899 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21920 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22035 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22090 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22113 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23155 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23163 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37757 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37786 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37811 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37874 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37920 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37921 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37933 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37946 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37984 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37994 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37998 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38023 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38024 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38031 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38034 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38035 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38040 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38043 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38051 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38052 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38059 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38061 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38062 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38068 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38072 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38074 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38077 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38081 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38084 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38087 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38090 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38094 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38098 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38099 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38100 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38102 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38107 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38110 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38111 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38112 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38113 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38115 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38117 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38118 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38120 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38122 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38122/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38123 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38127 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38132 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38135 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38143 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38153 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38154 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38155 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38162 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38165 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38166 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38173 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38174 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38177 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38180 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38182 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38183 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38187 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38188 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38192 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38193 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38194 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38197 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38198 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38200 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38202 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38203 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38204 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38206 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38210 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38211 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38212 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38213 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38214 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38215 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38217 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38220 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38222 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38225 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38225/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38226 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38227 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38229 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38231 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38236 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38239 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38244 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38246 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38248 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38249 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38250 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38257 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38259 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38264 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38272 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38273 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38275 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38275/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38277 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38279 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38283 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38286 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38289 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38290 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38292 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38292/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38293 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38300 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38303 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38304 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38305 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38307 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38310 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38312 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38313 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38313/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38319 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38323 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38326 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38326/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38328 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38332 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38332/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38334 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38334/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38335 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38335/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38336 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38336/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38337 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38337/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38338 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38342 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38342/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38343 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38344 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38345 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38348 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38349 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38349/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38350 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38352 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38354 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38362 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38363 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38364 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38365 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38369 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38371 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38373 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38376 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38376/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38377 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38380 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38382 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38384 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38385 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38386 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38387 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38387/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38389 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38391 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38392 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38392/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38393 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38395 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38396 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38399 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38400 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38401 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38403 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38403/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38404 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38406 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38409 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38409/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38410 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38412 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38412/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38414 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38416 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38420 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38424 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38425 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38426 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38428 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38428/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38429 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38430 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38430/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38436 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38443 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38448 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38449 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38449/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38455 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38457 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38457/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38460 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38461 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38462 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38463 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38468 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38470 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38471 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38473 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38474 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38477 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38478 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38480 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38481 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38482 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38483 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38485 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38487 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38489 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38494 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38495 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38496 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38497 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38498 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-08-20T07:24:58Z",
"generator": {
"date": "2025-08-20T07:24:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02923-1",
"initial_release_date": "2025-08-20T07:24:58Z",
"revision_history": [
{
"date": "2025-08-20T07:24:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"product": {
"name": "kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"product_id": "kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"product": {
"name": "kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"product_id": "kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "cluster-md-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "cluster-md-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "dlm-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "dlm-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "gfs2-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "gfs2-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-extra-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-extra-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco-extra-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-livepatch-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-livepatch-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco-livepatch-devel-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-optional-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-optional-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco-optional-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-vdso-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-vdso-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco-vdso-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco_debug-vdso-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco_debug-vdso-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-coco_debug-vdso-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "kselftests-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "kselftests-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "ocfs2-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "ocfs2-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product": {
"name": "reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"product_id": "reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-confidential-computing:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch"
},
"product_reference": "kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch"
},
"product_reference": "kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
},
"product_reference": "kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
},
"product_reference": "reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11135"
}
],
"notes": [
{
"category": "general",
"text": "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11135",
"url": "https://www.suse.com/security/cve/CVE-2019-11135"
},
{
"category": "external",
"summary": "SUSE Bug 1139073 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1139073"
},
{
"category": "external",
"summary": "SUSE Bug 1152497 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152497"
},
{
"category": "external",
"summary": "SUSE Bug 1152505 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152505"
},
{
"category": "external",
"summary": "SUSE Bug 1152506 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152506"
},
{
"category": "external",
"summary": "SUSE Bug 1160120 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1160120"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-11135"
},
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-26831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: Fix handshake_req_destroy_test1\n\nRecently, handshake_req_destroy_test1 started failing:\n\nExpected handshake_req_destroy_test == req, but\n handshake_req_destroy_test == 0000000000000000\n req == 0000000060f99b40\nnot ok 11 req_destroy works\n\nThis is because \"sock_release(sock)\" was replaced with \"fput(filp)\"\nto address a memory leak. Note that sock_release() is synchronous\nbut fput() usually delays the final close and clean-up.\n\nThe delay is not consequential in the other cases that were changed\nbut handshake_req_destroy_test1 is testing that handshake_req_cancel()\nfollowed by closing the file actually does call the -\u003ehp_destroy\nmethod. Thus the PTR_EQ test at the end has to be sure that the\nfinal close is complete before it checks the pointer.\n\nWe cannot use a completion here because if -\u003ehp_destroy is never\ncalled (ie, there is an API bug) then the test will hang.\n\nReported by: Guenter Roeck \u003clinux@roeck-us.net\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26831",
"url": "https://www.suse.com/security/cve/CVE-2024-26831"
},
{
"category": "external",
"summary": "SUSE Bug 1223008 for CVE-2024-26831",
"url": "https://bugzilla.suse.com/1223008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-26831"
},
{
"cve": "CVE-2024-36028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio()\n\nWhen I did memory failure tests recently, below warning occurs:\n\nDEBUG_LOCKS_WARN_ON(1)\nWARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232 __lock_acquire+0xccb/0x1ca0\nModules linked in: mce_inject hwpoison_inject\nCPU: 8 PID: 1011 Comm: bash Kdump: loaded Not tainted 6.9.0-rc3-next-20240410-00012-gdb69f219f4be #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__lock_acquire+0xccb/0x1ca0\nRSP: 0018:ffffa7a1c7fe3bd0 EFLAGS: 00000082\nRAX: 0000000000000000 RBX: eb851eb853975fcf RCX: ffffa1ce5fc1c9c8\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffffa1ce5fc1c9c0\nRBP: ffffa1c6865d3280 R08: ffffffffb0f570a8 R09: 0000000000009ffb\nR10: 0000000000000286 R11: ffffffffb0f2ad50 R12: ffffa1c6865d3d10\nR13: ffffa1c6865d3c70 R14: 0000000000000000 R15: 0000000000000004\nFS: 00007ff9f32aa740(0000) GS:ffffa1ce5fc00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ff9f3134ba0 CR3: 00000008484e4000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n lock_acquire+0xbe/0x2d0\n _raw_spin_lock_irqsave+0x3a/0x60\n hugepage_subpool_put_pages.part.0+0xe/0xc0\n free_huge_folio+0x253/0x3f0\n dissolve_free_huge_page+0x147/0x210\n __page_handle_poison+0x9/0x70\n memory_failure+0x4e6/0x8c0\n hard_offline_page_store+0x55/0xa0\n kernfs_fop_write_iter+0x12c/0x1d0\n vfs_write+0x380/0x540\n ksys_write+0x64/0xe0\n do_syscall_64+0xbc/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff9f3114887\nRSP: 002b:00007ffecbacb458 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007ff9f3114887\nRDX: 000000000000000c RSI: 0000564494164e10 RDI: 0000000000000001\nRBP: 0000564494164e10 R08: 00007ff9f31d1460 R09: 000000007fffffff\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c\nR13: 00007ff9f321b780 R14: 00007ff9f3217600 R15: 00007ff9f3216a00\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\nCPU: 8 PID: 1011 Comm: bash Kdump: loaded Not tainted 6.9.0-rc3-next-20240410-00012-gdb69f219f4be #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n panic+0x326/0x350\n check_panic_on_warn+0x4f/0x50\n __warn+0x98/0x190\n report_bug+0x18e/0x1a0\n handle_bug+0x3d/0x70\n exc_invalid_op+0x18/0x70\n asm_exc_invalid_op+0x1a/0x20\nRIP: 0010:__lock_acquire+0xccb/0x1ca0\nRSP: 0018:ffffa7a1c7fe3bd0 EFLAGS: 00000082\nRAX: 0000000000000000 RBX: eb851eb853975fcf RCX: ffffa1ce5fc1c9c8\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffffa1ce5fc1c9c0\nRBP: ffffa1c6865d3280 R08: ffffffffb0f570a8 R09: 0000000000009ffb\nR10: 0000000000000286 R11: ffffffffb0f2ad50 R12: ffffa1c6865d3d10\nR13: ffffa1c6865d3c70 R14: 0000000000000000 R15: 0000000000000004\n lock_acquire+0xbe/0x2d0\n _raw_spin_lock_irqsave+0x3a/0x60\n hugepage_subpool_put_pages.part.0+0xe/0xc0\n free_huge_folio+0x253/0x3f0\n dissolve_free_huge_page+0x147/0x210\n __page_handle_poison+0x9/0x70\n memory_failure+0x4e6/0x8c0\n hard_offline_page_store+0x55/0xa0\n kernfs_fop_write_iter+0x12c/0x1d0\n vfs_write+0x380/0x540\n ksys_write+0x64/0xe0\n do_syscall_64+0xbc/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff9f3114887\nRSP: 002b:00007ffecbacb458 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007ff9f3114887\nRDX: 000000000000000c RSI: 0000564494164e10 RDI: 0000000000000001\nRBP: 0000564494164e10 R08: 00007ff9f31d1460 R09: 000000007fffffff\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c\nR13: 00007ff9f321b780 R14: 00007ff9f3217600 R15: 00007ff9f3216a00\n \u003c/TASK\u003e\n\nAfter git bisecting and digging into the code, I believe the root cause is\nthat _deferred_list field of folio is unioned with _hugetlb_subpool field.\nIn __update_and_free_hugetlb_folio(), folio-\u003e_deferred_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36028",
"url": "https://www.suse.com/security/cve/CVE-2024-36028"
},
{
"category": "external",
"summary": "SUSE Bug 1225707 for CVE-2024-36028",
"url": "https://bugzilla.suse.com/1225707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36028"
},
{
"cve": "CVE-2024-36348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36348"
}
],
"notes": [
{
"category": "general",
"text": "A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36348",
"url": "https://www.suse.com/security/cve/CVE-2024-36348"
},
{
"category": "external",
"summary": "SUSE Bug 1238896 for CVE-2024-36348",
"url": "https://bugzilla.suse.com/1238896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36348"
},
{
"cve": "CVE-2024-36349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36349"
}
],
"notes": [
{
"category": "general",
"text": "A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36349",
"url": "https://www.suse.com/security/cve/CVE-2024-36349"
},
{
"category": "external",
"summary": "SUSE Bug 1238896 for CVE-2024-36349",
"url": "https://bugzilla.suse.com/1238896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36349"
},
{
"cve": "CVE-2024-36350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36350"
}
],
"notes": [
{
"category": "general",
"text": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36350",
"url": "https://www.suse.com/security/cve/CVE-2024-36350"
},
{
"category": "external",
"summary": "SUSE Bug 1238896 for CVE-2024-36350",
"url": "https://bugzilla.suse.com/1238896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36350"
},
{
"cve": "CVE-2024-36357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36357"
}
],
"notes": [
{
"category": "general",
"text": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36357",
"url": "https://www.suse.com/security/cve/CVE-2024-36357"
},
{
"category": "external",
"summary": "SUSE Bug 1238896 for CVE-2024-36357",
"url": "https://bugzilla.suse.com/1238896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-36357"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-44963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not BUG_ON() when freeing tree block after error\n\nWhen freeing a tree block, at btrfs_free_tree_block(), if we fail to\ncreate a delayed reference we don\u0027t deal with the error and just do a\nBUG_ON(). The error most likely to happen is -ENOMEM, and we have a\ncomment mentioning that only -ENOMEM can happen, but that is not true,\nbecause in case qgroups are enabled any error returned from\nbtrfs_qgroup_trace_extent_post() (can be -EUCLEAN or anything returned\nfrom btrfs_search_slot() for example) can be propagated back to\nbtrfs_free_tree_block().\n\nSo stop doing a BUG_ON() and return the error to the callers and make\nthem abort the transaction to prevent leaking space. Syzbot was\ntriggering this, likely due to memory allocation failure injection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44963",
"url": "https://www.suse.com/security/cve/CVE-2024-44963"
},
{
"category": "external",
"summary": "SUSE Bug 1230216 for CVE-2024-44963",
"url": "https://bugzilla.suse.com/1230216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-44963"
},
{
"cve": "CVE-2024-49568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the fields v2_ext_offset/\neid_cnt/ism_gid_cnt in proposal msg are from the remote client\nand can not be fully trusted. Especially the field v2_ext_offset,\nonce exceed the max value, there has the chance to access wrong\naddress, and crash may happen.\n\nThis patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt\nbefore using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49568",
"url": "https://www.suse.com/security/cve/CVE-2024-49568"
},
{
"category": "external",
"summary": "SUSE Bug 1235728 for CVE-2024-49568",
"url": "https://bugzilla.suse.com/1235728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-49568"
},
{
"cve": "CVE-2024-49861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix helper writes to read-only maps\n\nLonial found an issue that despite user- and BPF-side frozen BPF map\n(like in case of .rodata), it was still possible to write into it from\na BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT}\nas arguments.\n\nIn check_func_arg() when the argument is as mentioned, the meta-\u003eraw_mode\nis never set. Later, check_helper_mem_access(), under the case of\nPTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the\nsubsequent call to check_map_access_type() and given the BPF map is\nread-only it succeeds.\n\nThe helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT\nwhen results are written into them as opposed to read out of them. The\nlatter indicates that it\u0027s okay to pass a pointer to uninitialized memory\nas the memory is written to anyway.\n\nHowever, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM\njust with additional alignment requirement. So it is better to just get\nrid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the\nfixed size memory types. For this, add MEM_ALIGNED to additionally ensure\nalignment given these helpers write directly into the args via *\u003cptr\u003e = val.\nThe .arg*_size has been initialized reflecting the actual sizeof(*\u003cptr\u003e).\n\nMEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated\nargument types, since in !MEM_FIXED_SIZE cases the verifier does not know\nthe buffer size a priori and therefore cannot blindly write *\u003cptr\u003e = val.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49861",
"url": "https://www.suse.com/security/cve/CVE-2024-49861"
},
{
"category": "external",
"summary": "SUSE Bug 1232254 for CVE-2024-49861",
"url": "https://bugzilla.suse.com/1232254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-49861"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-56613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: fix memory leak due to the overwritten vma-\u003enumab_state\n\n[Problem Description]\nWhen running the hackbench program of LTP, the following memory leak is\nreported by kmemleak.\n\n # /opt/ltp/testcases/bin/hackbench 20 thread 1000\n Running with 20*40 (== 800) tasks.\n\n # dmesg | grep kmemleak\n ...\n kmemleak: 480 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n kmemleak: 665 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\n # cat /sys/kernel/debug/kmemleak\n unreferenced object 0xffff888cd8ca2c40 (size 64):\n comm \"hackbench\", pid 17142, jiffies 4299780315\n hex dump (first 32 bytes):\n ac 74 49 00 01 00 00 00 4c 84 49 00 01 00 00 00 .tI.....L.I.....\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc bff18fd4):\n [\u003cffffffff81419a89\u003e] __kmalloc_cache_noprof+0x2f9/0x3f0\n [\u003cffffffff8113f715\u003e] task_numa_work+0x725/0xa00\n [\u003cffffffff8110f878\u003e] task_work_run+0x58/0x90\n [\u003cffffffff81ddd9f8\u003e] syscall_exit_to_user_mode+0x1c8/0x1e0\n [\u003cffffffff81dd78d5\u003e] do_syscall_64+0x85/0x150\n [\u003cffffffff81e0012b\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\nThis issue can be consistently reproduced on three different servers:\n * a 448-core server\n * a 256-core server\n * a 192-core server\n\n[Root Cause]\nSince multiple threads are created by the hackbench program (along with\nthe command argument \u0027thread\u0027), a shared vma might be accessed by two or\nmore cores simultaneously. When two or more cores observe that\nvma-\u003enumab_state is NULL at the same time, vma-\u003enumab_state will be\noverwritten.\n\nAlthough current code ensures that only one thread scans the VMAs in a\nsingle \u0027numa_scan_period\u0027, there might be a chance for another thread\nto enter in the next \u0027numa_scan_period\u0027 while we have not gotten till\nnumab_state allocation [1].\n\nNote that the command `/opt/ltp/testcases/bin/hackbench 50 process 1000`\ncannot the reproduce the issue. It is verified with 200+ test runs.\n\n[Solution]\nUse the cmpxchg atomic operation to ensure that only one thread executes\nthe vma-\u003enumab_state assignment.\n\n[1] https://lore.kernel.org/lkml/1794be3c-358c-4cdc-a43d-a1f841d91ef7@amd.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56613",
"url": "https://www.suse.com/security/cve/CVE-2024-56613"
},
{
"category": "external",
"summary": "SUSE Bug 1244176 for CVE-2024-56613",
"url": "https://bugzilla.suse.com/1244176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2024-56613"
},
{
"cve": "CVE-2024-56699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix potential double remove of hotplug slot\n\nIn commit 6ee600bfbe0f (\"s390/pci: remove hotplug slot when releasing the\ndevice\") the zpci_exit_slot() was moved from zpci_device_reserved() to\nzpci_release_device() with the intention of keeping the hotplug slot\naround until the device is actually removed.\n\nNow zpci_release_device() is only called once all references are\ndropped. Since the zPCI subsystem only drops its reference once the\ndevice is in the reserved state it follows that zpci_release_device()\nmust only deal with devices in the reserved state. Despite that it\ncontains code to tear down from both configured and standby state. For\nthe standby case this already includes the removal of the hotplug slot\nso would cause a double removal if a device was ever removed in\neither configured or standby state.\n\nInstead of causing a potential double removal in a case that should\nnever happen explicitly WARN_ON() if a device in non-reserved state is\nreleased and get rid of the dead code cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56699",
"url": "https://www.suse.com/security/cve/CVE-2024-56699"
},
{
"category": "external",
"summary": "SUSE Bug 1235490 for CVE-2024-56699",
"url": "https://bugzilla.suse.com/1235490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-56699"
},
{
"cve": "CVE-2024-56742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()\n\nFix an unwind issue in mlx5vf_add_migration_pages().\n\nIf a set of pages is allocated but fails to be added to the SG table,\nthey need to be freed to prevent a memory leak.\n\nAny pages successfully added to the SG table will be freed as part of\nmlx5vf_free_data_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56742",
"url": "https://www.suse.com/security/cve/CVE-2024-56742"
},
{
"category": "external",
"summary": "SUSE Bug 1235613 for CVE-2024-56742",
"url": "https://bugzilla.suse.com/1235613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-56742"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: state: fix out-of-bounds read during lookup\n\nlookup and resize can run in parallel.\n\nThe xfrm_state_hash_generation seqlock ensures a retry, but the hash\nfunctions can observe a hmask value that is too large for the new hlist\narray.\n\nrehash does:\n rcu_assign_pointer(net-\u003exfrm.state_bydst, ndst) [..]\n net-\u003exfrm.state_hmask = nhashmask;\n\nWhile state lookup does:\n h = xfrm_dst_hash(net, daddr, saddr, tmpl-\u003ereqid, encap_family);\n hlist_for_each_entry_rcu(x, net-\u003exfrm.state_bydst + h, bydst) {\n\nThis is only safe in case the update to state_bydst is larger than\nnet-\u003exfrm.xfrm_state_hmask (or if the lookup function gets\nserialized via state spinlock again).\n\nFix this by prefetching state_hmask and the associated pointers.\nThe xfrm_state_hash_generation seqlock retry will ensure that the pointer\nand the hmask will be consistent.\n\nThe existing helpers, like xfrm_dst_hash(), are now unsafe for RCU side,\nadd lockdep assertions to document that they are only safe for insert\nside.\n\nxfrm_state_lookup_byaddr() uses the spinlock rather than RCU.\nAFAICS this is an oversight from back when state lookup was converted to\nRCU, this lock should be replaced with RCU in a future patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57982",
"url": "https://www.suse.com/security/cve/CVE-2024-57982"
},
{
"category": "external",
"summary": "SUSE Bug 1237913 for CVE-2024-57982",
"url": "https://bugzilla.suse.com/1237913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-57982"
},
{
"cve": "CVE-2024-58053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix handling of received connection abort\n\nFix the handling of a connection abort that we\u0027ve received. Though the\nabort is at the connection level, it needs propagating to the calls on that\nconnection. Whilst the propagation bit is performed, the calls aren\u0027t then\nwoken up to go and process their termination, and as no further input is\nforthcoming, they just hang.\n\nAlso add some tracing for the logging of connection aborts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58053",
"url": "https://www.suse.com/security/cve/CVE-2024-58053"
},
{
"category": "external",
"summary": "SUSE Bug 1238982 for CVE-2024-58053",
"url": "https://bugzilla.suse.com/1238982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-58053"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid extent tree\n\n[BUG]\nSyzbot reported a crash with the following call trace:\n\n BTRFS info (device loop0): scrub: started on devid 1\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 UID: 0 PID: 689 Comm: repro Kdump: loaded Tainted: G O 6.13.0-rc4-custom+ #206\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:find_first_extent_item+0x26/0x1f0 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x13d/0x3b0 [btrfs]\n scrub_simple_mirror+0x175/0x260 [btrfs]\n scrub_stripe+0x5d4/0x6c0 [btrfs]\n scrub_chunk+0xbb/0x170 [btrfs]\n scrub_enumerate_chunks+0x2f4/0x5f0 [btrfs]\n btrfs_scrub_dev+0x240/0x600 [btrfs]\n btrfs_ioctl+0x1dc8/0x2fa0 [btrfs]\n ? do_sys_openat2+0xa5/0xf0\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\n[CAUSE]\nThe reproducer is using a corrupted image where extent tree root is\ncorrupted, thus forcing to use \"rescue=all,ro\" mount option to mount the\nimage.\n\nThen it triggered a scrub, but since scrub relies on extent tree to find\nwhere the data/metadata extents are, scrub_find_fill_first_stripe()\nrelies on an non-empty extent root.\n\nBut unfortunately scrub_find_fill_first_stripe() doesn\u0027t really expect\nan NULL pointer for extent root, it use extent_root to grab fs_info and\ntriggered a NULL pointer dereference.\n\n[FIX]\nAdd an extra check for a valid extent root at the beginning of\nscrub_find_fill_first_stripe().\n\nThe new error path is introduced by 42437a6386ff (\"btrfs: introduce\nmount option rescue=ignorebadroots\"), but that\u0027s pretty old, and later\ncommit b979547513ff (\"btrfs: scrub: introduce helper to find and fill\nsector info for a scrub_stripe\") changed how we do scrub.\n\nSo for kernels older than 6.6, the fix will need manual backport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21658",
"url": "https://www.suse.com/security/cve/CVE-2025-21658"
},
{
"category": "external",
"summary": "SUSE Bug 1236208 for CVE-2025-21658",
"url": "https://bugzilla.suse.com/1236208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21658"
},
{
"cve": "CVE-2025-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: delete intermediate secpath entry in packet offload mode\n\nPackets handled by hardware have added secpath as a way to inform XFRM\ncore code that this path was already handled. That secpath is not needed\nat all after policy is checked and it is removed later in the stack.\n\nHowever, in the case of IP forwarding is enabled (/proc/sys/net/ipv4/ip_forward),\nthat secpath is not removed and packets which already were handled are reentered\nto the driver TX path with xfrm_offload set.\n\nThe following kernel panic is observed in mlx5 in such case:\n\n mlx5_core 0000:04:00.0 enp4s0f0np0: Link up\n mlx5_core 0000:04:00.1 enp4s0f1np1: Link up\n Initializing XFRM netlink socket\n IPsec XFRM device driver\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor instruction fetch in kernel mode\n #PF: error_code(0x0010) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0010 [#1] PREEMPT SMP\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc1-alex #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n RSP: 0018:ffffb87380003800 EFLAGS: 00010206\n RAX: ffff8df004e02600 RBX: ffffb873800038d8 RCX: 00000000ffff98cf\n RDX: ffff8df00733e108 RSI: ffff8df00521fb80 RDI: ffff8df001661f00\n RBP: ffffb87380003850 R08: ffff8df013980000 R09: 0000000000000010\n R10: 0000000000000002 R11: 0000000000000002 R12: ffff8df001661f00\n R13: ffff8df00521fb80 R14: ffff8df00733e108 R15: ffff8df011faf04e\n FS: 0000000000000000(0000) GS:ffff8df46b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000106384000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n ? show_regs+0x63/0x70\n ? __die_body+0x20/0x60\n ? __die+0x2b/0x40\n ? page_fault_oops+0x15c/0x550\n ? do_user_addr_fault+0x3ed/0x870\n ? exc_page_fault+0x7f/0x190\n ? asm_exc_page_fault+0x27/0x30\n mlx5e_ipsec_handle_tx_skb+0xe7/0x2f0 [mlx5_core]\n mlx5e_xmit+0x58e/0x1980 [mlx5_core]\n ? __fib_lookup+0x6a/0xb0\n dev_hard_start_xmit+0x82/0x1d0\n sch_direct_xmit+0xfe/0x390\n __dev_queue_xmit+0x6d8/0xee0\n ? __fib_lookup+0x6a/0xb0\n ? internal_add_timer+0x48/0x70\n ? mod_timer+0xe2/0x2b0\n neigh_resolve_output+0x115/0x1b0\n __neigh_update+0x26a/0xc50\n neigh_update+0x14/0x20\n arp_process+0x2cb/0x8e0\n ? __napi_build_skb+0x5e/0x70\n arp_rcv+0x11e/0x1c0\n ? dev_gro_receive+0x574/0x820\n __netif_receive_skb_list_core+0x1cf/0x1f0\n netif_receive_skb_list_internal+0x183/0x2a0\n napi_complete_done+0x76/0x1c0\n mlx5e_napi_poll+0x234/0x7a0 [mlx5_core]\n __napi_poll+0x2d/0x1f0\n net_rx_action+0x1a6/0x370\n ? atomic_notifier_call_chain+0x3b/0x50\n ? irq_int_handler+0x15/0x20 [mlx5_core]\n handle_softirqs+0xb9/0x2f0\n ? handle_irq_event+0x44/0x60\n irq_exit_rcu+0xdb/0x100\n common_interrupt+0x98/0xc0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x27/0x40\n RIP: 0010:pv_native_safe_halt+0xb/0x10\n Code: 09 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 22\n 0f 1f 84 00 00 00 00 00 90 eb 07 0f 00 2d 7f e9 36 00 fb\n40 00 83 ff 07 77 21 89 ff ff 24 fd 88 3d a1 bd 0f 21 f8\n RSP: 0018:ffffffffbe603de8 EFLAGS: 00000202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000f92f46680\n RDX: 0000000000000037 RSI: 00000000ffffffff RDI: 00000000000518d4\n RBP: ffffffffbe603df0 R08: 000000cd42e4dffb R09: ffffffffbe603d70\n R10: 0000004d80d62680 R11: 0000000000000001 R12: ffffffffbe60bf40\n R13: 0000000000000000 R14: 0000000000000000 R15: ffffffffbe60aff8\n ? default_idle+0x9/0x20\n arch_cpu_idle+0x9/0x10\n default_idle_call+0x29/0xf0\n do_idle+0x1f2/0x240\n cpu_startup_entry+0x2c/0x30\n rest_init+0xe7/0x100\n start_kernel+0x76b/0xb90\n x86_64_start_reservations+0x18/0x30\n x86_64_start_kernel+0xc0/0x110\n ? setup_ghcb+0xe/0x130\n common_startup_64+0x13e/0x141\n \u003c/TASK\u003e\n Modules linked in: esp4_offload esp4 xfrm_interface\nxfrm6_tunnel tunnel4 tunnel6 xfrm_user xfrm_algo binf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21720",
"url": "https://www.suse.com/security/cve/CVE-2025-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1238859 for CVE-2025-21720",
"url": "https://bugzilla.suse.com/1238859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21720"
},
{
"cve": "CVE-2025-21839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop\n\nMove the conditional loading of hardware DR6 with the guest\u0027s DR6 value\nout of the core .vcpu_run() loop to fix a bug where KVM can load hardware\nwith a stale vcpu-\u003earch.dr6.\n\nWhen the guest accesses a DR and host userspace isn\u0027t debugging the guest,\nKVM disables DR interception and loads the guest\u0027s values into hardware on\nVM-Enter and saves them on VM-Exit. This allows the guest to access DRs\nat will, e.g. so that a sequence of DR accesses to configure a breakpoint\nonly generates one VM-Exit.\n\nFor DR0-DR3, the logic/behavior is identical between VMX and SVM, and also\nidentical between KVM_DEBUGREG_BP_ENABLED (userspace debugging the guest)\nand KVM_DEBUGREG_WONT_EXIT (guest using DRs), and so KVM handles loading\nDR0-DR3 in common code, _outside_ of the core kvm_x86_ops.vcpu_run() loop.\n\nBut for DR6, the guest\u0027s value doesn\u0027t need to be loaded into hardware for\nKVM_DEBUGREG_BP_ENABLED, and SVM provides a dedicated VMCB field whereas\nVMX requires software to manually load the guest value, and so loading the\nguest\u0027s value into DR6 is handled by {svm,vmx}_vcpu_run(), i.e. is done\n_inside_ the core run loop.\n\nUnfortunately, saving the guest values on VM-Exit is initiated by common\nx86, again outside of the core run loop. If the guest modifies DR6 (in\nhardware, when DR interception is disabled), and then the next VM-Exit is\na fastpath VM-Exit, KVM will reload hardware DR6 with vcpu-\u003earch.dr6 and\nclobber the guest\u0027s actual value.\n\nThe bug shows up primarily with nested VMX because KVM handles the VMX\npreemption timer in the fastpath, and the window between hardware DR6\nbeing modified (in guest context) and DR6 being read by guest software is\norders of magnitude larger in a nested setup. E.g. in non-nested, the\nVMX preemption timer would need to fire precisely between #DB injection\nand the #DB handler\u0027s read of DR6, whereas with a KVM-on-KVM setup, the\nwindow where hardware DR6 is \"dirty\" extends all the way from L1 writing\nDR6 to VMRESUME (in L1).\n\n L1\u0027s view:\n ==========\n \u003cL1 disables DR interception\u003e\n CPU 0/KVM-7289 [023] d.... 2925.640961: kvm_entry: vcpu 0\n A: L1 Writes DR6\n CPU 0/KVM-7289 [023] d.... 2925.640963: \u003chack\u003e: Set DRs, DR6 = 0xffff0ff1\n\n B: CPU 0/KVM-7289 [023] d.... 2925.640967: kvm_exit: vcpu 0 reason EXTERNAL_INTERRUPT intr_info 0x800000ec\n\n D: L1 reads DR6, arch.dr6 = 0\n CPU 0/KVM-7289 [023] d.... 2925.640969: \u003chack\u003e: Sync DRs, DR6 = 0xffff0ff0\n\n CPU 0/KVM-7289 [023] d.... 2925.640976: kvm_entry: vcpu 0\n L2 reads DR6, L1 disables DR interception\n CPU 0/KVM-7289 [023] d.... 2925.640980: kvm_exit: vcpu 0 reason DR_ACCESS info1 0x0000000000000216\n CPU 0/KVM-7289 [023] d.... 2925.640983: kvm_entry: vcpu 0\n\n CPU 0/KVM-7289 [023] d.... 2925.640983: \u003chack\u003e: Set DRs, DR6 = 0xffff0ff0\n\n L2 detects failure\n CPU 0/KVM-7289 [023] d.... 2925.640987: kvm_exit: vcpu 0 reason HLT\n L1 reads DR6 (confirms failure)\n CPU 0/KVM-7289 [023] d.... 2925.640990: \u003chack\u003e: Sync DRs, DR6 = 0xffff0ff0\n\n L0\u0027s view:\n ==========\n L2 reads DR6, arch.dr6 = 0\n CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_exit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216\n CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit: vcpu 23 reason DR_ACCESS info1 0x0000000000000216\n\n L2 =\u003e L1 nested VM-Exit\n CPU 23/KVM-5046 [001] ..... 3410.005610: kvm_nested_vmexit_inject: reason: DR_ACCESS ext_inf1: 0x0000000000000216\n\n CPU 23/KVM-5046 [001] d.... 3410.005610: kvm_entry: vcpu 23\n CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_exit: vcpu 23 reason VMREAD\n CPU 23/KVM-5046 [001] d.... 3410.005611: kvm_entry: vcpu 23\n CPU 23/KVM-5046 [001] d.... 3410.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21839",
"url": "https://www.suse.com/security/cve/CVE-2025-21839"
},
{
"category": "external",
"summary": "SUSE Bug 1239061 for CVE-2025-21839",
"url": "https://bugzilla.suse.com/1239061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21839"
},
{
"cve": "CVE-2025-21854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsockmap, vsock: For connectible sockets allow only connected\n\nsockmap expects all vsocks to have a transport assigned, which is expressed\nin vsock_proto::psock_update_sk_prot(). However, there is an edge case\nwhere an unconnected (connectible) socket may lose its previously assigned\ntransport. This is handled with a NULL check in the vsock/BPF recv path.\n\nAnother design detail is that listening vsocks are not supposed to have any\ntransport assigned at all. Which implies they are not supported by the\nsockmap. But this is complicated by the fact that a socket, before\nswitching to TCP_LISTEN, may have had some transport assigned during a\nfailed connect() attempt. Hence, we may end up with a listening vsock in a\nsockmap, which blows up quickly:\n\nKASAN: null-ptr-deref in range [0x0000000000000120-0x0000000000000127]\nCPU: 7 UID: 0 PID: 56 Comm: kworker/7:0 Not tainted 6.14.0-rc1+\nWorkqueue: vsock-loopback vsock_loopback_work\nRIP: 0010:vsock_read_skb+0x4b/0x90\nCall Trace:\n sk_psock_verdict_data_ready+0xa4/0x2e0\n virtio_transport_recv_pkt+0x1ca8/0x2acc\n vsock_loopback_work+0x27d/0x3f0\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x35a/0x700\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nFor connectible sockets, instead of relying solely on the state of\nvsk-\u003etransport, tell sockmap to only allow those representing established\nconnections. This aligns with the behaviour for AF_INET and AF_UNIX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21854",
"url": "https://www.suse.com/security/cve/CVE-2025-21854"
},
{
"category": "external",
"summary": "SUSE Bug 1239470 for CVE-2025-21854",
"url": "https://bugzilla.suse.com/1239470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21854"
},
{
"cve": "CVE-2025-21868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: allow small head cache usage with large MAX_SKB_FRAGS values\n\nSabrina reported the following splat:\n\n WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.14.0-rc1-net-00092-g011b03359038 #996\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:netif_napi_add_weight_locked+0x8f2/0xba0\n Code: e8 c3 e6 6a fe 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc c7 44 24 10 ff ff ff ff e9 8f fb ff ff e8 9e e6 6a fe \u003c0f\u003e 0b e9 d3 fe ff ff e8 92 e6 6a fe 48 8b 04 24 be ff ff ff ff 48\n RSP: 0000:ffffc9000001fc60 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff88806ce48128 RCX: 1ffff11001664b9e\n RDX: ffff888008f00040 RSI: ffffffff8317ca42 RDI: ffff88800b325cb6\n RBP: ffff88800b325c40 R08: 0000000000000001 R09: ffffed100167502c\n R10: ffff88800b3a8163 R11: 0000000000000000 R12: ffff88800ac1c168\n R13: ffff88800ac1c168 R14: ffff88800ac1c168 R15: 0000000000000007\n FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff888008201000 CR3: 0000000004c94001 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n gro_cells_init+0x1ba/0x270\n xfrm_input_init+0x4b/0x2a0\n xfrm_init+0x38/0x50\n ip_rt_init+0x2d7/0x350\n ip_init+0xf/0x20\n inet_init+0x406/0x590\n do_one_initcall+0x9d/0x2e0\n do_initcalls+0x23b/0x280\n kernel_init_freeable+0x445/0x490\n kernel_init+0x20/0x1d0\n ret_from_fork+0x46/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n irq event stamp: 584330\n hardirqs last enabled at (584338): [\u003cffffffff8168bf87\u003e] __up_console_sem+0x77/0xb0\n hardirqs last disabled at (584345): [\u003cffffffff8168bf6c\u003e] __up_console_sem+0x5c/0xb0\n softirqs last enabled at (583242): [\u003cffffffff833ee96d\u003e] netlink_insert+0x14d/0x470\n softirqs last disabled at (583754): [\u003cffffffff8317c8cd\u003e] netif_napi_add_weight_locked+0x77d/0xba0\n\non kernel built with MAX_SKB_FRAGS=45, where SKB_WITH_OVERHEAD(1024)\nis smaller than GRO_MAX_HEAD.\n\nSuch built additionally contains the revert of the single page frag cache\nso that napi_get_frags() ends up using the page frag allocator, triggering\nthe splat.\n\nNote that the underlying issue is independent from the mentioned\nrevert; address it ensuring that the small head cache will fit either TCP\nand GRO allocation and updating napi_alloc_skb() and __netdev_alloc_skb()\nto select kmalloc() usage for any allocation fitting such cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21868",
"url": "https://www.suse.com/security/cve/CVE-2025-21868"
},
{
"category": "external",
"summary": "SUSE Bug 1240180 for CVE-2025-21868",
"url": "https://bugzilla.suse.com/1240180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21868"
},
{
"cve": "CVE-2025-21872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21872"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: Don\u0027t map the entire mokvar table to determine its size\n\nCurrently, when validating the mokvar table, we (re)map the entire table\non each iteration of the loop, adding space as we discover new entries.\nIf the table grows over a certain size, this fails due to limitations of\nearly_memmap(), and we get a failure and traceback:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 0 at mm/early_ioremap.c:139 __early_ioremap+0xef/0x220\n ...\n Call Trace:\n \u003cTASK\u003e\n ? __early_ioremap+0xef/0x220\n ? __warn.cold+0x93/0xfa\n ? __early_ioremap+0xef/0x220\n ? report_bug+0xff/0x140\n ? early_fixup_exception+0x5d/0xb0\n ? early_idt_handler_common+0x2f/0x3a\n ? __early_ioremap+0xef/0x220\n ? efi_mokvar_table_init+0xce/0x1d0\n ? setup_arch+0x864/0xc10\n ? start_kernel+0x6b/0xa10\n ? x86_64_start_reservations+0x24/0x30\n ? x86_64_start_kernel+0xed/0xf0\n ? common_startup_64+0x13e/0x141\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n mokvar: Failed to map EFI MOKvar config table pa=0x7c4c3000, size=265187.\n\nMapping the entire structure isn\u0027t actually necessary, as we don\u0027t ever\nneed more than one entry header mapped at once.\n\nChanges efi_mokvar_table_init() to only map each entry header, not the\nentire table, when determining the table size. Since we\u0027re not mapping\nany data past the variable name, it also changes the code to enforce\nthat each variable name is NUL terminated, rather than attempting to\nverify it in place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21872",
"url": "https://www.suse.com/security/cve/CVE-2025-21872"
},
{
"category": "external",
"summary": "SUSE Bug 1240323 for CVE-2025-21872",
"url": "https://bugzilla.suse.com/1240323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21872"
},
{
"cve": "CVE-2025-21898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don\u0027t care about rec-\u003ecounter * rec-\u003ecounter overflow because\nrec-\u003etime * rec-\u003etime overflow will likely happen earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21898",
"url": "https://www.suse.com/security/cve/CVE-2025-21898"
},
{
"category": "external",
"summary": "SUSE Bug 1240610 for CVE-2025-21898",
"url": "https://bugzilla.suse.com/1240610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21898"
},
{
"cve": "CVE-2025-21899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix bad hist from corrupting named_triggers list\n\nThe following commands causes a crash:\n\n ~# cd /sys/kernel/tracing/events/rcu/rcu_callback\n ~# echo \u0027hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)\u0027 \u003e trigger\n bash: echo: write error: Invalid argument\n ~# echo \u0027hist:name=bad:keys=common_pid\u0027 \u003e trigger\n\nBecause the following occurs:\n\nevent_trigger_write() {\n trigger_process_regex() {\n event_hist_trigger_parse() {\n\n data = event_trigger_alloc(..);\n\n event_trigger_register(.., data) {\n cmd_ops-\u003ereg(.., data, ..) [hist_register_trigger()] {\n data-\u003eops-\u003einit() [event_hist_trigger_init()] {\n save_named_trigger(name, data) {\n list_add(\u0026data-\u003enamed_list, \u0026named_triggers);\n }\n }\n }\n }\n\n ret = create_actions(); (return -EINVAL)\n if (ret)\n goto out_unreg;\n[..]\n ret = hist_trigger_enable(data, ...) {\n list_add_tail_rcu(\u0026data-\u003elist, \u0026file-\u003etriggers); \u003c\u003c\u003c---- SKIPPED!!! (this is important!)\n[..]\n out_unreg:\n event_hist_unregister(.., data) {\n cmd_ops-\u003eunreg(.., data, ..) [hist_unregister_trigger()] {\n list_for_each_entry(iter, \u0026file-\u003etriggers, list) {\n if (!hist_trigger_match(data, iter, named_data, false)) \u003c- never matches\n continue;\n [..]\n test = iter;\n }\n if (test \u0026\u0026 test-\u003eops-\u003efree) \u003c\u003c\u003c-- test is NULL\n\n test-\u003eops-\u003efree(test) [event_hist_trigger_free()] {\n [..]\n if (data-\u003ename)\n del_named_trigger(data) {\n list_del(\u0026data-\u003enamed_list); \u003c\u003c\u003c\u003c-- NEVER gets removed!\n }\n }\n }\n }\n\n [..]\n kfree(data); \u003c\u003c\u003c-- frees item but it is still on list\n\nThe next time a hist with name is registered, it causes an u-a-f bug and\nthe kernel can crash.\n\nMove the code around such that if event_trigger_register() succeeds, the\nnext thing called is hist_trigger_enable() which adds it to the list.\n\nA bunch of actions is called if get_named_trigger_data() returns false.\nBut that doesn\u0027t need to be called after event_trigger_register(), so it\ncan be moved up, allowing event_trigger_register() to be called just\nbefore hist_trigger_enable() keeping them together and allowing the\nfile-\u003etriggers to be properly populated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21899",
"url": "https://www.suse.com/security/cve/CVE-2025-21899"
},
{
"category": "external",
"summary": "SUSE Bug 1240577 for CVE-2025-21899",
"url": "https://bugzilla.suse.com/1240577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21899"
},
{
"cve": "CVE-2025-21920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvlan: enforce underlying device type\n\nCurrently, VLAN devices can be created on top of non-ethernet devices.\n\nBesides the fact that it doesn\u0027t make much sense, this also causes a\nbug which leaks the address of a kernel function to usermode.\n\nWhen creating a VLAN device, we initialize GARP (garp_init_applicant)\nand MRP (mrp_init_applicant) for the underlying device.\n\nAs part of the initialization process, we add the multicast address of\neach applicant to the underlying device, by calling dev_mc_add.\n\n__dev_mc_add uses dev-\u003eaddr_len to determine the length of the new\nmulticast address.\n\nThis causes an out-of-bounds read if dev-\u003eaddr_len is greater than 6,\nsince the multicast addresses provided by GARP and MRP are only 6\nbytes long.\n\nThis behaviour can be reproduced using the following commands:\n\nip tunnel add gretest mode ip6gre local ::1 remote ::2 dev lo\nip l set up dev gretest\nip link add link gretest name vlantest type vlan id 100\n\nThen, the following command will display the address of garp_pdu_rcv:\n\nip maddr show | grep 01:80:c2:00:00:21\n\nFix the bug by enforcing the type of the underlying device during VLAN\ndevice initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21920",
"url": "https://www.suse.com/security/cve/CVE-2025-21920"
},
{
"category": "external",
"summary": "SUSE Bug 1240686 for CVE-2025-21920",
"url": "https://bugzilla.suse.com/1240686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21920"
},
{
"cve": "CVE-2025-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr\n\nIf multiple connection requests attempt to create an implicit mptcp\nendpoint in parallel, more than one caller may end up in\nmptcp_pm_nl_append_new_local_addr because none found the address in\nlocal_addr_list during their call to mptcp_pm_nl_get_local_id. In this\ncase, the concurrent new_local_addr calls may delete the address entry\ncreated by the previous caller. These deletes use synchronize_rcu, but\nthis is not permitted in some of the contexts where this function may be\ncalled. During packet recv, the caller may be in a rcu read critical\nsection and have preemption disabled.\n\nAn example stack:\n\n BUG: scheduling while atomic: swapper/2/0/0x00000302\n\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\n dump_stack (lib/dump_stack.c:124)\n __schedule_bug (kernel/sched/core.c:5943)\n schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970)\n __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621)\n schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818)\n schedule_timeout (kernel/time/timer.c:2160)\n wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148)\n __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444)\n synchronize_rcu (kernel/rcu/tree.c:3609)\n mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061)\n mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164)\n mptcp_pm_get_local_id (net/mptcp/pm.c:420)\n subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213)\n subflow_v4_route_req (net/mptcp/subflow.c:305)\n tcp_conn_request (net/ipv4/tcp_input.c:7216)\n subflow_v4_conn_request (net/mptcp/subflow.c:651)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6709)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1))\n ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234)\n ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254)\n ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580)\n ip_sublist_rcv (net/ipv4/ip_input.c:640)\n ip_list_rcv (net/ipv4/ip_input.c:675)\n __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631)\n netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774)\n napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114)\n igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb\n __napi_poll (net/core/dev.c:6582)\n net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787)\n handle_softirqs (kernel/softirq.c:553)\n __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636)\n irq_exit_rcu (kernel/softirq.c:651)\n common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14))\n \u003c/IRQ\u003e\n\nThis problem seems particularly prevalent if the user advertises an\nendpoint that has a different external vs internal address. In the case\nwhere the external address is advertised and multiple connections\nalready exist, multiple subflow SYNs arrive in parallel which tends to\ntrigger the race during creation of the first local_addr_list entries\nwhich have the internal address instead.\n\nFix by skipping the replacement of an existing implicit local address if\ncalled via mptcp_pm_nl_get_local_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21938",
"url": "https://www.suse.com/security/cve/CVE-2025-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1240723 for CVE-2025-21938",
"url": "https://bugzilla.suse.com/1240723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21938"
},
{
"cve": "CVE-2025-21959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()\n\nSince commit b36e4523d4d5 (\"netfilter: nf_conncount: fix garbage\ncollection confirm race\"), `cpu` and `jiffies32` were introduced to\nthe struct nf_conncount_tuple.\n\nThe commit made nf_conncount_add() initialize `conn-\u003ecpu` and\n`conn-\u003ejiffies32` when allocating the struct.\nIn contrast, count_tree() was not changed to initialize them.\n\nBy commit 34848d5c896e (\"netfilter: nf_conncount: Split insert and\ntraversal\"), count_tree() was split and the relevant allocation\ncode now resides in insert_tree().\nInitialize `conn-\u003ecpu` and `conn-\u003ejiffies32` in insert_tree().\n\nBUG: KMSAN: uninit-value in find_or_evict net/netfilter/nf_conncount.c:117 [inline]\nBUG: KMSAN: uninit-value in __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n find_or_evict net/netfilter/nf_conncount.c:117 [inline]\n __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n count_tree net/netfilter/nf_conncount.c:438 [inline]\n nf_conncount_count+0x82f/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ipv4/ip_input.c:669\n __netif_receive_skb_list_ptype net/core/dev.c:5936 [inline]\n __netif_receive_skb_list_core+0x15c5/0x1670 net/core/dev.c:5983\n __netif_receive_skb_list net/core/dev.c:6035 [inline]\n netif_receive_skb_list_internal+0x1085/0x1700 net/core/dev.c:6126\n netif_receive_skb_list+0x5a/0x460 net/core/dev.c:6178\n xdp_recv_frames net/bpf/test_run.c:280 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2e86/0x3480 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0xf1d/0x1ae0 net/bpf/test_run.c:1316\n bpf_prog_test_run+0x5e5/0xa30 kernel/bpf/syscall.c:4407\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5813\n __do_sys_bpf kernel/bpf/syscall.c:5902 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5900 [inline]\n __ia32_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5900\n ia32_sys_call+0x394d/0x4180 arch/x86/include/generated/asm/syscalls_32.h:358\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/common.c:387\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/common.c:412\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:450\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4121 [inline]\n slab_alloc_node mm/slub.c:4164 [inline]\n kmem_cache_alloc_noprof+0x915/0xe10 mm/slub.c:4171\n insert_tree net/netfilter/nf_conncount.c:372 [inline]\n count_tree net/netfilter/nf_conncount.c:450 [inline]\n nf_conncount_count+0x1415/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ip\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21959",
"url": "https://www.suse.com/security/cve/CVE-2025-21959"
},
{
"category": "external",
"summary": "SUSE Bug 1240814 for CVE-2025-21959",
"url": "https://bugzilla.suse.com/1240814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21959"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix use-after-free in print_graph_function_flags during tracer switching\n\nKairui reported a UAF issue in print_graph_function_flags() during\nftrace stress testing [1]. This issue can be reproduced if puting a\n\u0027mdelay(10)\u0027 after \u0027mutex_unlock(\u0026trace_types_lock)\u0027 in s_start(),\nand executing the following script:\n\n $ echo function_graph \u003e current_tracer\n $ cat trace \u003e /dev/null \u0026\n $ sleep 5 # Ensure the \u0027cat\u0027 reaches the \u0027mdelay(10)\u0027 point\n $ echo timerlat \u003e current_tracer\n\nThe root cause lies in the two calls to print_graph_function_flags\nwithin print_trace_line during each s_show():\n\n * One through \u0027iter-\u003etrace-\u003eprint_line()\u0027;\n * Another through \u0027event-\u003efuncs-\u003etrace()\u0027, which is hidden in\n print_trace_fmt() before print_trace_line returns.\n\nTracer switching only updates the former, while the latter continues\nto use the print_line function of the old tracer, which in the script\nabove is print_graph_function_flags.\n\nMoreover, when switching from the \u0027function_graph\u0027 tracer to the\n\u0027timerlat\u0027 tracer, s_start only calls graph_trace_close of the\n\u0027function_graph\u0027 tracer to free \u0027iter-\u003eprivate\u0027, but does not set\nit to NULL. This provides an opportunity for \u0027event-\u003efuncs-\u003etrace()\u0027\nto use an invalid \u0027iter-\u003eprivate\u0027.\n\nTo fix this issue, set \u0027iter-\u003eprivate\u0027 to NULL immediately after\nfreeing it in graph_trace_close(), ensuring that an invalid pointer\nis not passed to other tracers. Additionally, clean up the unnecessary\n\u0027iter-\u003eprivate = NULL\u0027 during each \u0027cat trace\u0027 when using wakeup and\nirqsoff tracers.\n\n [1] https://lore.kernel.org/all/20231112150030.84609-1-ryncsn@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22035",
"url": "https://www.suse.com/security/cve/CVE-2025-22035"
},
{
"category": "external",
"summary": "SUSE Bug 1241544 for CVE-2025-22035",
"url": "https://bugzilla.suse.com/1241544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22035"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -\u003e vhost_scsi_get_req -\u003e vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs-\u003evs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs-\u003evs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs-\u003evs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven\u0027t seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don\u0027t teardown the old target tpg mapping and just overwrite\nthe target name and the vs-\u003evs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2\u0027s\nname and we will only match that target\u0027s tpgs when we loop over the\nvs-\u003evs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it\u0027s already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22083",
"url": "https://www.suse.com/security/cve/CVE-2025-22083"
},
{
"category": "external",
"summary": "SUSE Bug 1241414 for CVE-2025-22083",
"url": "https://bugzilla.suse.com/1241414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22083"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()\n\nIf track_pfn_copy() fails, we already added the dst VMA to the maple\ntree. As fork() fails, we\u0027ll cleanup the maple tree, and stumble over\nthe dst VMA for which we neither performed any reservation nor copied\nany page tables.\n\nConsequently untrack_pfn() will see VM_PAT and try obtaining the\nPAT information from the page table -- which fails because the page\ntable was not copied.\n\nThe easiest fix would be to simply clear the VM_PAT flag of the dst VMA\nif track_pfn_copy() fails. However, the whole thing is about \"simply\"\nclearing the VM_PAT flag is shaky as well: if we passed track_pfn_copy()\nand performed a reservation, but copying the page tables fails, we\u0027ll\nsimply clear the VM_PAT flag, not properly undoing the reservation ...\nwhich is also wrong.\n\nSo let\u0027s fix it properly: set the VM_PAT flag only if the reservation\nsucceeded (leaving it clear initially), and undo the reservation if\nanything goes wrong while copying the page tables: clearing the VM_PAT\nflag after undoing the reservation.\n\nNote that any copied page table entries will get zapped when the VMA will\nget removed later, after copy_page_range() succeeded; as VM_PAT is not set\nthen, we won\u0027t try cleaning VM_PAT up once more and untrack_pfn() will be\nhappy. Note that leaving these page tables in place without a reservation\nis not a problem, as we are aborting fork(); this process will never run.\n\nA reproducer can trigger this usually at the first try:\n\n https://gitlab.com/davidhildenbrand/scratchspace/-/raw/main/reproducers/pat_fork.c\n\n WARNING: CPU: 26 PID: 11650 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0xf6/0x110\n Modules linked in: ...\n CPU: 26 UID: 0 PID: 11650 Comm: repro3 Not tainted 6.12.0-rc5+ #92\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:get_pat_info+0xf6/0x110\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n untrack_pfn+0x52/0x110\n unmap_single_vma+0xa6/0xe0\n unmap_vmas+0x105/0x1f0\n exit_mmap+0xf6/0x460\n __mmput+0x4b/0x120\n copy_process+0x1bf6/0x2aa0\n kernel_clone+0xab/0x440\n __do_sys_clone+0x66/0x90\n do_syscall_64+0x95/0x180\n\nLikely this case was missed in:\n\n d155df53f310 (\"x86/mm/pat: clear VM_PAT if copy_p4d_range failed\")\n\n... and instead of undoing the reservation we simply cleared the VM_PAT flag.\n\nKeep the documentation of these functions in include/linux/pgtable.h,\none place is more than sufficient -- we should clean that up for the other\nfunctions like track_pfn_remap/untrack_pfn separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22090",
"url": "https://www.suse.com/security/cve/CVE-2025-22090"
},
{
"category": "external",
"summary": "SUSE Bug 1241537 for CVE-2025-22090",
"url": "https://bugzilla.suse.com/1241537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22090"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.\n\nSIOCBRDELIF is passed to dev_ioctl() first and later forwarded to\nbr_ioctl_call(), which causes unnecessary RTNL dance and the splat\nbelow [0] under RTNL pressure.\n\nLet\u0027s say Thread A is trying to detach a device from a bridge and\nThread B is trying to remove the bridge.\n\nIn dev_ioctl(), Thread A bumps the bridge device\u0027s refcnt by\nnetdev_hold() and releases RTNL because the following br_ioctl_call()\nalso re-acquires RTNL.\n\nIn the race window, Thread B could acquire RTNL and try to remove\nthe bridge device. Then, rtnl_unlock() by Thread B will release RTNL\nand wait for netdev_put() by Thread A.\n\nThread A, however, must hold RTNL after the unlock in dev_ifsioc(),\nwhich may take long under RTNL pressure, resulting in the splat by\nThread B.\n\n Thread A (SIOCBRDELIF) Thread B (SIOCBRDELBR)\n ---------------------- ----------------------\n sock_ioctl sock_ioctl\n `- sock_do_ioctl `- br_ioctl_call\n `- dev_ioctl `- br_ioctl_stub\n |- rtnl_lock |\n |- dev_ifsioc \u0027\n \u0027 |- dev = __dev_get_by_name(...)\n |- netdev_hold(dev, ...) .\n / |- rtnl_unlock ------. |\n | |- br_ioctl_call `---\u003e |- rtnl_lock\n Race | | `- br_ioctl_stub |- br_del_bridge\n Window | | | |- dev = __dev_get_by_name(...)\n | | | May take long | `- br_dev_delete(dev, ...)\n | | | under RTNL pressure | `- unregister_netdevice_queue(dev, ...)\n | | | | `- rtnl_unlock\n \\ | |- rtnl_lock \u003c-\u0027 `- netdev_run_todo\n | |- ... `- netdev_run_todo\n | `- rtnl_unlock |- __rtnl_unlock\n | |- netdev_wait_allrefs_any\n |- netdev_put(dev, ...) \u003c----------------\u0027\n Wait refcnt decrement\n and log splat below\n\nTo avoid blocking SIOCBRDELBR unnecessarily, let\u0027s not call\ndev_ioctl() for SIOCBRADDIF and SIOCBRDELIF.\n\nIn the dev_ioctl() path, we do the following:\n\n 1. Copy struct ifreq by get_user_ifreq in sock_do_ioctl()\n 2. Check CAP_NET_ADMIN in dev_ioctl()\n 3. Call dev_load() in dev_ioctl()\n 4. Fetch the master dev from ifr.ifr_name in dev_ifsioc()\n\n3. can be done by request_module() in br_ioctl_call(), so we move\n1., 2., and 4. to br_ioctl_stub().\n\nNote that 2. is also checked later in add_del_if(), but it\u0027s better\nperformed before RTNL.\n\nSIOCBRADDIF and SIOCBRDELIF have been processed in dev_ioctl() since\nthe pre-git era, and there seems to be no specific reason to process\nthem there.\n\n[0]:\nunregister_netdevice: waiting for wpan3 to become free. Usage count = 2\nref_tracker: wpan3@ffff8880662d8608 has 1/1 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4282 [inline]\n netdev_hold include/linux/netdevice.h:4311 [inline]\n dev_ifsioc+0xc6a/0x1160 net/core/dev_ioctl.c:624\n dev_ioctl+0x255/0x10c0 net/core/dev_ioctl.c:826\n sock_do_ioctl+0x1ca/0x260 net/socket.c:1213\n sock_ioctl+0x23a/0x6c0 net/socket.c:1318\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x1a4/0x210 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22111",
"url": "https://www.suse.com/security/cve/CVE-2025-22111"
},
{
"category": "external",
"summary": "SUSE Bug 1241572 for CVE-2025-22111",
"url": "https://bugzilla.suse.com/1241572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22111"
},
{
"cve": "CVE-2025-22113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid journaling sb update on error if journal is destroying\n\nPresently we always BUG_ON if trying to start a transaction on a journal marked\nwith JBD2_UNMOUNT, since this should never happen. However, while ltp running\nstress tests, it was observed that in case of some error handling paths, it is\npossible for update_super_work to start a transaction after the journal is\ndestroyed eg:\n\n(umount)\next4_kill_sb\n kill_block_super\n generic_shutdown_super\n sync_filesystem /* commits all txns */\n evict_inodes\n /* might start a new txn */\n ext4_put_super\n\tflush_work(\u0026sbi-\u003es_sb_upd_work) /* flush the workqueue */\n jbd2_journal_destroy\n journal_kill_thread\n journal-\u003ej_flags |= JBD2_UNMOUNT;\n jbd2_journal_commit_transaction\n jbd2_journal_get_descriptor_buffer\n jbd2_journal_bmap\n ext4_journal_bmap\n ext4_map_blocks\n ...\n ext4_inode_error\n ext4_handle_error\n schedule_work(\u0026sbi-\u003es_sb_upd_work)\n\n /* work queue kicks in */\n update_super_work\n jbd2_journal_start\n start_this_handle\n BUG_ON(journal-\u003ej_flags \u0026\n JBD2_UNMOUNT)\n\nHence, introduce a new mount flag to indicate journal is destroying and only do\na journaled (and deferred) update of sb if this flag is not set. Otherwise, just\nfallback to an un-journaled commit.\n\nFurther, in the journal destroy path, we have the following sequence:\n\n 1. Set mount flag indicating journal is destroying\n 2. force a commit and wait for it\n 3. flush pending sb updates\n\nThis sequence is important as it ensures that, after this point, there is no sb\nupdate that might be journaled so it is safe to update the sb outside the\njournal. (To avoid race discussed in 2d01ddc86606)\n\nAlso, we don\u0027t need a similar check in ext4_grp_locked_error since it is only\ncalled from mballoc and AFAICT it would be always valid to schedule work here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22113",
"url": "https://www.suse.com/security/cve/CVE-2025-22113"
},
{
"category": "external",
"summary": "SUSE Bug 1241617 for CVE-2025-22113",
"url": "https://bugzilla.suse.com/1241617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22113"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn\u0027t called to unlock\nmapping-\u003einvalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0 pid:374 tgid:374 ppid:373\n task_flags:0x440140 flags:0x00000000\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22120",
"url": "https://www.suse.com/security/cve/CVE-2025-22120"
},
{
"category": "external",
"summary": "SUSE Bug 1241592 for CVE-2025-22120",
"url": "https://bugzilla.suse.com/1241592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22120"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix accessing freed irq affinity_hint\n\nIn stmmac_request_irq_multi_msi(), a pointer to the stack variable\ncpu_mask is passed to irq_set_affinity_hint(). This value is stored in\nirq_desc-\u003eaffinity_hint, but once stmmac_request_irq_multi_msi()\nreturns, the pointer becomes dangling.\n\nThe affinity_hint is exposed via procfs with S_IRUGO permissions,\nallowing any unprivileged process to read it. Accessing this stale\npointer can lead to:\n\n- a kernel oops or panic if the referenced memory has been released and\n unmapped, or\n- leakage of kernel data into userspace if the memory is re-used for\n other purposes.\n\nAll platforms that use stmmac with PCI MSI (Intel, Loongson, etc) are\naffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23155",
"url": "https://www.suse.com/security/cve/CVE-2025-23155"
},
{
"category": "external",
"summary": "SUSE Bug 1242573 for CVE-2025-23155",
"url": "https://bugzilla.suse.com/1242573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23155"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-23163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vlan: don\u0027t propagate flags on open\n\nWith the device instance lock, there is now a possibility of a deadlock:\n\n[ 1.211455] ============================================\n[ 1.211571] WARNING: possible recursive locking detected\n[ 1.211687] 6.14.0-rc5-01215-g032756b4ca7a-dirty #5 Not tainted\n[ 1.211823] --------------------------------------------\n[ 1.211936] ip/184 is trying to acquire lock:\n[ 1.212032] ffff8881024a4c30 (\u0026dev-\u003elock){+.+.}-{4:4}, at: dev_set_allmulti+0x4e/0xb0\n[ 1.212207]\n[ 1.212207] but task is already holding lock:\n[ 1.212332] ffff8881024a4c30 (\u0026dev-\u003elock){+.+.}-{4:4}, at: dev_open+0x50/0xb0\n[ 1.212487]\n[ 1.212487] other info that might help us debug this:\n[ 1.212626] Possible unsafe locking scenario:\n[ 1.212626]\n[ 1.212751] CPU0\n[ 1.212815] ----\n[ 1.212871] lock(\u0026dev-\u003elock);\n[ 1.212944] lock(\u0026dev-\u003elock);\n[ 1.213016]\n[ 1.213016] *** DEADLOCK ***\n[ 1.213016]\n[ 1.213143] May be due to missing lock nesting notation\n[ 1.213143]\n[ 1.213294] 3 locks held by ip/184:\n[ 1.213371] #0: ffffffff838b53e0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock+0x1b/0xa0\n[ 1.213543] #1: ffffffff84e5fc70 (\u0026net-\u003ertnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock+0x37/0xa0\n[ 1.213727] #2: ffff8881024a4c30 (\u0026dev-\u003elock){+.+.}-{4:4}, at: dev_open+0x50/0xb0\n[ 1.213895]\n[ 1.213895] stack backtrace:\n[ 1.213991] CPU: 0 UID: 0 PID: 184 Comm: ip Not tainted 6.14.0-rc5-01215-g032756b4ca7a-dirty #5\n[ 1.213993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n[ 1.213994] Call Trace:\n[ 1.213995] \u003cTASK\u003e\n[ 1.213996] dump_stack_lvl+0x8e/0xd0\n[ 1.214000] print_deadlock_bug+0x28b/0x2a0\n[ 1.214020] lock_acquire+0xea/0x2a0\n[ 1.214027] __mutex_lock+0xbf/0xd40\n[ 1.214038] dev_set_allmulti+0x4e/0xb0 # real_dev-\u003eflags \u0026 IFF_ALLMULTI\n[ 1.214040] vlan_dev_open+0xa5/0x170 # ndo_open on vlandev\n[ 1.214042] __dev_open+0x145/0x270\n[ 1.214046] __dev_change_flags+0xb0/0x1e0\n[ 1.214051] netif_change_flags+0x22/0x60 # IFF_UP vlandev\n[ 1.214053] dev_change_flags+0x61/0xb0 # for each device in group from dev-\u003evlan_info\n[ 1.214055] vlan_device_event+0x766/0x7c0 # on netdevsim0\n[ 1.214058] notifier_call_chain+0x78/0x120\n[ 1.214062] netif_open+0x6d/0x90\n[ 1.214064] dev_open+0x5b/0xb0 # locks netdevsim0\n[ 1.214066] bond_enslave+0x64c/0x1230\n[ 1.214075] do_set_master+0x175/0x1e0 # on netdevsim0\n[ 1.214077] do_setlink+0x516/0x13b0\n[ 1.214094] rtnl_newlink+0xaba/0xb80\n[ 1.214132] rtnetlink_rcv_msg+0x440/0x490\n[ 1.214144] netlink_rcv_skb+0xeb/0x120\n[ 1.214150] netlink_unicast+0x1f9/0x320\n[ 1.214153] netlink_sendmsg+0x346/0x3f0\n[ 1.214157] __sock_sendmsg+0x86/0xb0\n[ 1.214160] ____sys_sendmsg+0x1c8/0x220\n[ 1.214164] ___sys_sendmsg+0x28f/0x2d0\n[ 1.214179] __x64_sys_sendmsg+0xef/0x140\n[ 1.214184] do_syscall_64+0xec/0x1d0\n[ 1.214190] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 1.214191] RIP: 0033:0x7f2d1b4a7e56\n\nDevice setup:\n\n netdevsim0 (down)\n ^ ^\n bond netdevsim1.100@netdevsim1 allmulticast=on (down)\n\nWhen we enslave the lower device (netdevsim0) which has a vlan, we\npropagate vlan\u0027s allmuti/promisc flags during ndo_open. This causes\n(re)locking on of the real_dev.\n\nPropagate allmulti/promisc on flags change, not on the open. There\nis a slight semantics change that vlans that are down now propagate\nthe flags, but this seems unlikely to result in the real issues.\n\nReproducer:\n\n echo 0 1 \u003e /sys/bus/netdevsim/new_device\n\n dev_path=$(ls -d /sys/bus/netdevsim/devices/netdevsim0/net/*)\n dev=$(echo $dev_path | rev | cut -d/ -f1 | rev)\n\n ip link set dev $dev name netdevsim0\n ip link set dev netdevsim0 up\n\n ip link add link netdevsim0 name netdevsim0.100 type vlan id 100\n ip link set dev netdevsim0.100 allm\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23163",
"url": "https://www.suse.com/security/cve/CVE-2025-23163"
},
{
"category": "external",
"summary": "SUSE Bug 1242837 for CVE-2025-23163",
"url": "https://bugzilla.suse.com/1242837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-23163"
},
{
"cve": "CVE-2025-37738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: ignore xattrs past end\n\nOnce inside \u0027ext4_xattr_inode_dec_ref_all\u0027 we should\nignore xattrs entries past the \u0027end\u0027 entry.\n\nThis fixes the following KASAN reported issue:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\n\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x1fd/0x300\n ? tcp_gro_dev_warn+0x260/0x260\n ? _printk+0xc0/0x100\n ? read_lock_is_recursive+0x10/0x10\n ? irq_work_queue+0x72/0xf0\n ? __virt_addr_valid+0x17b/0x4b0\n print_address_description+0x78/0x390\n print_report+0x107/0x1f0\n ? __virt_addr_valid+0x17b/0x4b0\n ? __virt_addr_valid+0x3ff/0x4b0\n ? __phys_addr+0xb5/0x160\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n kasan_report+0xcc/0x100\n ? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\n ? ext4_xattr_delete_inode+0xd30/0xd30\n ? __ext4_journal_ensure_credits+0x5f0/0x5f0\n ? __ext4_journal_ensure_credits+0x2b/0x5f0\n ? inode_update_timestamps+0x410/0x410\n ext4_xattr_delete_inode+0xb64/0xd30\n ? ext4_truncate+0xb70/0xdc0\n ? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n ? __ext4_mark_inode_dirty+0x670/0x670\n ? ext4_journal_check_start+0x16f/0x240\n ? ext4_inode_is_fast_symlink+0x2f2/0x3a0\n ext4_evict_inode+0xc8c/0xff0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n ? do_raw_spin_unlock+0x53/0x8a0\n ? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n evict+0x4ac/0x950\n ? proc_nr_inodes+0x310/0x310\n ? trace_ext4_drop_inode+0xa2/0x220\n ? _raw_spin_unlock+0x1a/0x30\n ? iput+0x4cb/0x7e0\n do_unlinkat+0x495/0x7c0\n ? try_break_deleg+0x120/0x120\n ? 0xffffffff81000000\n ? __check_object_size+0x15a/0x210\n ? strncpy_from_user+0x13e/0x250\n ? getname_flags+0x1dc/0x530\n __x64_sys_unlinkat+0xc8/0xf0\n do_syscall_64+0x65/0x110\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n \u003c/TASK\u003e\n\nThe buggy address belongs to the object at ffff888012c12000\n which belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\n freed 360-byte region [ffff888012c12000, ffff888012c12168)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\n ffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37738",
"url": "https://www.suse.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "SUSE Bug 1242846 for CVE-2025-37738",
"url": "https://bugzilla.suse.com/1242846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: explicitly disallow disconnect\n\nsyzbot discovered that it can disconnect a TLS socket and then\nrun into all sort of unexpected corner cases. I have a vague\nrecollection of Eric pointing this out to us a long time ago.\nSupporting disconnect is really hard, for one thing if offload\nis enabled we\u0027d need to wait for all packets to be _acked_.\nDisconnect is not commonly used, disallow it.\n\nThe immediate problem syzbot run into is the warning in the strp,\nbut that\u0027s just the easiest bug to trigger:\n\n WARNING: CPU: 0 PID: 5834 at net/tls/tls_strp.c:486 tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n RIP: 0010:tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486\n Call Trace:\n \u003cTASK\u003e\n tls_rx_rec_wait+0x280/0xa60 net/tls/tls_sw.c:1363\n tls_sw_recvmsg+0x85c/0x1c30 net/tls/tls_sw.c:2043\n inet6_recvmsg+0x2c9/0x730 net/ipv6/af_inet6.c:678\n sock_recvmsg_nosec net/socket.c:1023 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1045\n __sys_recvfrom+0x202/0x380 net/socket.c:2237",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37756",
"url": "https://www.suse.com/security/cve/CVE-2025-37756"
},
{
"category": "external",
"summary": "SUSE Bug 1242515 for CVE-2025-37756",
"url": "https://bugzilla.suse.com/1242515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37756"
},
{
"cve": "CVE-2025-37757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix memory leak in tipc_link_xmit\n\nIn case the backlog transmit queue for system-importance messages is overloaded,\ntipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to\nmemory leak and failure when a skb is allocated.\n\nThis commit fixes this issue by purging the skb list before tipc_link_xmit()\nreturns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37757",
"url": "https://www.suse.com/security/cve/CVE-2025-37757"
},
{
"category": "external",
"summary": "SUSE Bug 1242521 for CVE-2025-37757",
"url": "https://bugzilla.suse.com/1242521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37757"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: free routing table on probe failure\n\nIf complete = true in dsa_tree_setup(), it means that we are the last\nswitch of the tree which is successfully probing, and we should be\nsetting up all switches from our probe path.\n\nAfter \"complete\" becomes true, dsa_tree_setup_cpu_ports() or any\nsubsequent function may fail. If that happens, the entire tree setup is\nin limbo: the first N-1 switches have successfully finished probing\n(doing nothing but having allocated persistent memory in the tree\u0027s\ndst-\u003eports, and maybe dst-\u003ertable), and switch N failed to probe, ending\nthe tree setup process before anything is tangible from the user\u0027s PoV.\n\nIf switch N fails to probe, its memory (ports) will be freed and removed\nfrom dst-\u003eports. However, the dst-\u003ertable elements pointing to its ports,\nas created by dsa_link_touch(), will remain there, and will lead to\nuse-after-free if dereferenced.\n\nIf dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirely\npossible because that is where ds-\u003eops-\u003esetup() is, we get a kasan\nreport like this:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568\nRead of size 8 at addr ffff000004f56020 by task kworker/u8:3/42\n\nCall trace:\n __asan_report_load8_noabort+0x20/0x30\n mv88e6xxx_setup_upstream_port+0x240/0x568\n mv88e6xxx_setup+0xebc/0x1eb0\n dsa_register_switch+0x1af4/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nAllocated by task 42:\n __kasan_kmalloc+0x84/0xa0\n __kmalloc_cache_noprof+0x298/0x490\n dsa_switch_touch_ports+0x174/0x3d8\n dsa_register_switch+0x800/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nFreed by task 42:\n __kasan_slab_free+0x48/0x68\n kfree+0x138/0x418\n dsa_register_switch+0x2694/0x2ae0\n mv88e6xxx_register_switch+0x1b8/0x2a8\n mv88e6xxx_probe+0xc4c/0xf60\n mdio_probe+0x78/0xb8\n really_probe+0x2b8/0x5a8\n __driver_probe_device+0x164/0x298\n driver_probe_device+0x78/0x258\n __device_attach_driver+0x274/0x350\n\nThe simplest way to fix the bug is to delete the routing table in its\nentirety. dsa_tree_setup_routing_table() has no problem in regenerating\nit even if we deleted links between ports other than those of switch N,\nbecause dsa_link_touch() first checks whether the port pair already\nexists in dst-\u003ertable, allocating if not.\n\nThe deletion of the routing table in its entirety already exists in\ndsa_tree_teardown(), so refactor that into a function that can also be\ncalled from the tree setup error path.\n\nIn my analysis of the commit to blame, it is the one which added\ndsa_link elements to dst-\u003ertable. Prior to that, each switch had its own\nds-\u003ertable which is freed when the switch fails to probe. But the tree\nis potentially persistent memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37786",
"url": "https://www.suse.com/security/cve/CVE-2025-37786"
},
{
"category": "external",
"summary": "SUSE Bug 1242725 for CVE-2025-37786",
"url": "https://bugzilla.suse.com/1242725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37786"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-imx: Add check for spi_imx_setupxfer()\n\nAdd check for the return value of spi_imx_setupxfer().\nspi_imx-\u003erx and spi_imx-\u003etx function pointer can be NULL when\nspi_imx_setupxfer() return error, and make NULL pointer dereference.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Call trace:\n 0x0\n spi_imx_pio_transfer+0x50/0xd8\n spi_imx_transfer_one+0x18c/0x858\n spi_transfer_one_message+0x43c/0x790\n __spi_pump_transfer_message+0x238/0x5d4\n __spi_sync+0x2b0/0x454\n spi_write_then_read+0x11c/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37801",
"url": "https://www.suse.com/security/cve/CVE-2025-37801"
},
{
"category": "external",
"summary": "SUSE Bug 1242850 for CVE-2025-37801",
"url": "https://bugzilla.suse.com/1242850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37801"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: ci_hdrc_imx: fix usbmisc handling\n\nusbmisc is an optional device property so it is totally valid for the\ncorresponding data-\u003eusbmisc_data to have a NULL value.\n\nCheck that before dereferencing the pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37811",
"url": "https://www.suse.com/security/cve/CVE-2025-37811"
},
{
"category": "external",
"summary": "SUSE Bug 1242907 for CVE-2025-37811",
"url": "https://bugzilla.suse.com/1242907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37811"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: avoid NULL pointer dereference in dbg call\n\ncifs_server_dbg() implies server to be non-NULL so\nmove call under condition to avoid NULL pointer dereference.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37844",
"url": "https://www.suse.com/security/cve/CVE-2025-37844"
},
{
"category": "external",
"summary": "SUSE Bug 1242946 for CVE-2025-37844",
"url": "https://bugzilla.suse.com/1242946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37844"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: harden block_group::bg_list against list_del() races\n\nAs far as I can tell, these calls of list_del_init() on bg_list cannot\nrun concurrently with btrfs_mark_bg_unused() or btrfs_mark_bg_to_reclaim(),\nas they are in transaction error paths and situations where the block\ngroup is readonly.\n\nHowever, if there is any chance at all of racing with mark_bg_unused(),\nor a different future user of bg_list, better to be safe than sorry.\n\nOtherwise we risk the following interleaving (bg_list refcount in parens)\n\nT1 (some random op) T2 (btrfs_mark_bg_unused)\n !list_empty(\u0026bg-\u003ebg_list); (1)\nlist_del_init(\u0026bg-\u003ebg_list); (1)\n list_move_tail (1)\nbtrfs_put_block_group (0)\n btrfs_delete_unused_bgs\n bg = list_first_entry\n list_del_init(\u0026bg-\u003ebg_list);\n btrfs_put_block_group(bg); (-1)\n\nUltimately, this results in a broken ref count that hits zero one deref\nearly and the real final deref underflows the refcount, resulting in a WARNING.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37856",
"url": "https://www.suse.com/security/cve/CVE-2025-37856"
},
{
"category": "external",
"summary": "SUSE Bug 1243068 for CVE-2025-37856",
"url": "https://bugzilla.suse.com/1243068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37856"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npage_pool: avoid infinite loop to schedule delayed worker\n\nWe noticed the kworker in page_pool_release_retry() was waken\nup repeatedly and infinitely in production because of the\nbuggy driver causing the inflight less than 0 and warning\nus in page_pool_inflight()[1].\n\nSince the inflight value goes negative, it means we should\nnot expect the whole page_pool to get back to work normally.\n\nThis patch mitigates the adverse effect by not rescheduling\nthe kworker when detecting the inflight negative in\npage_pool_release_retry().\n\n[1]\n[Mon Feb 10 20:36:11 2025] ------------[ cut here ]------------\n[Mon Feb 10 20:36:11 2025] Negative(-51446) inflight packet-pages\n...\n[Mon Feb 10 20:36:11 2025] Call Trace:\n[Mon Feb 10 20:36:11 2025] page_pool_release_retry+0x23/0x70\n[Mon Feb 10 20:36:11 2025] process_one_work+0x1b1/0x370\n[Mon Feb 10 20:36:11 2025] worker_thread+0x37/0x3a0\n[Mon Feb 10 20:36:11 2025] kthread+0x11a/0x140\n[Mon Feb 10 20:36:11 2025] ? process_one_work+0x370/0x370\n[Mon Feb 10 20:36:11 2025] ? __kthread_cancel_work+0x40/0x40\n[Mon Feb 10 20:36:11 2025] ret_from_fork+0x35/0x40\n[Mon Feb 10 20:36:11 2025] ---[ end trace ebffe800f33e7e34 ]---\nNote: before this patch, the above calltrace would flood the\ndmesg due to repeated reschedule of release_dw kworker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37859",
"url": "https://www.suse.com/security/cve/CVE-2025-37859"
},
{
"category": "external",
"summary": "SUSE Bug 1243051 for CVE-2025-37859",
"url": "https://bugzilla.suse.com/1243051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37859"
},
{
"cve": "CVE-2025-37862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix null pointer dereference in pidff_find_fields\n\nThis function triggered a null pointer dereference if used to search for\na report that isn\u0027t implemented on the device. This happened both for\noptional and required reports alike.\n\nThe same logic was applied to pidff_find_special_field and although\npidff_init_fields should return an error earlier if one of the required\nreports is missing, future modifications could change this logic and\nresurface this possible null pointer dereference again.\n\nLKML bug report:\nhttps://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37862",
"url": "https://www.suse.com/security/cve/CVE-2025-37862"
},
{
"category": "external",
"summary": "SUSE Bug 1242982 for CVE-2025-37862",
"url": "https://bugzilla.suse.com/1242982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37862"
},
{
"cve": "CVE-2025-37864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: clean up FDB, MDB, VLAN entries on unbind\n\nAs explained in many places such as commit b117e1e8a86d (\"net: dsa:\ndelete dsa_legacy_fdb_add and dsa_legacy_fdb_del\"), DSA is written given\nthe assumption that higher layers have balanced additions/deletions.\nAs such, it only makes sense to be extremely vocal when those\nassumptions are violated and the driver unbinds with entries still\npresent.\n\nBut Ido Schimmel points out a very simple situation where that is wrong:\nhttps://lore.kernel.org/netdev/ZDazSM5UsPPjQuKr@shredder/\n(also briefly discussed by me in the aforementioned commit).\n\nBasically, while the bridge bypass operations are not something that DSA\nexplicitly documents, and for the majority of DSA drivers this API\nsimply causes them to go to promiscuous mode, that isn\u0027t the case for\nall drivers. Some have the necessary requirements for bridge bypass\noperations to do something useful - see dsa_switch_supports_uc_filtering().\n\nAlthough in tools/testing/selftests/net/forwarding/local_termination.sh,\nwe made an effort to popularize better mechanisms to manage address\nfilters on DSA interfaces from user space - namely macvlan for unicast,\nand setsockopt(IP_ADD_MEMBERSHIP) - through mtools - for multicast, the\nfact is that \u0027bridge fdb add ... self static local\u0027 also exists as\nkernel UAPI, and might be useful to someone, even if only for a quick\nhack.\n\nIt seems counter-productive to block that path by implementing shim\n.ndo_fdb_add and .ndo_fdb_del operations which just return -EOPNOTSUPP\nin order to prevent the ndo_dflt_fdb_add() and ndo_dflt_fdb_del() from\nrunning, although we could do that.\n\nAccepting that cleanup is necessary seems to be the only option.\nEspecially since we appear to be coming back at this from a different\nangle as well. Russell King is noticing that the WARN_ON() triggers even\nfor VLANs:\nhttps://lore.kernel.org/netdev/Z_li8Bj8bD4-BYKQ@shell.armlinux.org.uk/\n\nWhat happens in the bug report above is that dsa_port_do_vlan_del() fails,\nthen the VLAN entry lingers on, and then we warn on unbind and leak it.\n\nThis is not a straight revert of the blamed commit, but we now add an\ninformational print to the kernel log (to still have a way to see\nthat bugs exist), and some extra comments gathered from past years\u0027\nexperience, to justify the logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37864",
"url": "https://www.suse.com/security/cve/CVE-2025-37864"
},
{
"category": "external",
"summary": "SUSE Bug 1242965 for CVE-2025-37864",
"url": "https://bugzilla.suse.com/1242965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37864"
},
{
"cve": "CVE-2025-37865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported\n\nRussell King reports that on the ZII dev rev B, deleting a bridge VLAN\nfrom a user port fails with -ENOENT:\nhttps://lore.kernel.org/netdev/Z_lQXNP0s5-IiJzd@shell.armlinux.org.uk/\n\nThis comes from mv88e6xxx_port_vlan_leave() -\u003e mv88e6xxx_mst_put(),\nwhich tries to find an MST entry in \u0026chip-\u003emsts associated with the SID,\nbut fails and returns -ENOENT as such.\n\nBut we know that this chip does not support MST at all, so that is not\nsurprising. The question is why does the guard in mv88e6xxx_mst_put()\nnot exit early:\n\n\tif (!sid)\n\t\treturn 0;\n\nAnd the answer seems to be simple: the sid comes from vlan.sid which\nsupposedly was previously populated by mv88e6xxx_vtu_get().\nBut some chip-\u003einfo-\u003eops-\u003evtu_getnext() implementations do not populate\nvlan.sid, for example see mv88e6185_g1_vtu_getnext(). In that case,\nlater in mv88e6xxx_port_vlan_leave() we are using a garbage sid which is\njust residual stack memory.\n\nTesting for sid == 0 covers all cases of a non-bridge VLAN or a bridge\nVLAN mapped to the default MSTI. For some chips, SID 0 is valid and\ninstalled by mv88e6xxx_stu_setup(). A chip which does not support the\nSTU would implicitly only support mapping all VLANs to the default MSTI,\nso although SID 0 is not valid, it would be sufficient, if we were to\nzero-initialize the vlan structure, to fix the bug, due to the\ncoincidence that a test for vlan.sid == 0 already exists and leads to\nthe same (correct) behavior.\n\nAnother option which would be sufficient would be to add a test for\nmv88e6xxx_has_stu() inside mv88e6xxx_mst_put(), symmetric to the one\nwhich already exists in mv88e6xxx_mst_get(). But that placement means\nthe caller will have to dereference vlan.sid, which means it will access\nuninitialized memory, which is not nice even if it ignores it later.\n\nSo we end up making both modifications, in order to not rely just on the\nsid == 0 coincidence, but also to avoid having uninitialized structure\nfields which might get temporarily accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37865",
"url": "https://www.suse.com/security/cve/CVE-2025-37865"
},
{
"category": "external",
"summary": "SUSE Bug 1242954 for CVE-2025-37865",
"url": "https://bugzilla.suse.com/1242954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37865"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ngbe: fix memory leak in ngbe_probe() error path\n\nWhen ngbe_sw_init() is called, memory is allocated for wx-\u003erss_key\nin wx_init_rss_key(). However, in ngbe_probe() function, the subsequent\nerror paths after ngbe_sw_init() don\u0027t free the rss_key. Fix that by\nfreeing it in error path along with wx-\u003emac_table.\n\nAlso change the label to which execution jumps when ngbe_sw_init()\nfails, because otherwise, it could lead to a double free for rss_key,\nwhen the mac_table allocation fails in wx_sw_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37874",
"url": "https://www.suse.com/security/cve/CVE-2025-37874"
},
{
"category": "external",
"summary": "SUSE Bug 1242940 for CVE-2025-37874",
"url": "https://bugzilla.suse.com/1242940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37874"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock between rcu_tasks_trace and event_mutex.\n\nFix the following deadlock:\nCPU A\n_free_event()\n perf_kprobe_destroy()\n mutex_lock(\u0026event_mutex)\n perf_trace_event_unreg()\n synchronize_rcu_tasks_trace()\n\nThere are several paths where _free_event() grabs event_mutex\nand calls sync_rcu_tasks_trace. Above is one such case.\n\nCPU B\nbpf_prog_test_run_syscall()\n rcu_read_lock_trace()\n bpf_prog_run_pin_on_cpu()\n bpf_prog_load()\n bpf_tracing_func_proto()\n trace_set_clr_event()\n mutex_lock(\u0026event_mutex)\n\nDelegate trace_set_clr_event() to workqueue to avoid\nsuch lock dependency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37884",
"url": "https://www.suse.com/security/cve/CVE-2025-37884"
},
{
"category": "external",
"summary": "SUSE Bug 1243060 for CVE-2025-37884",
"url": "https://bugzilla.suse.com/1243060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37884"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37909",
"url": "https://www.suse.com/security/cve/CVE-2025-37909"
},
{
"category": "external",
"summary": "SUSE Bug 1243467 for CVE-2025-37909",
"url": "https://bugzilla.suse.com/1243467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37909"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll\n\nUse spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock\nand spin_unlock in mtk_star_emac driver to avoid spinlock recursion\noccurrence that can happen when enabling the DMA interrupts again in\nrx/tx poll.\n\n```\nBUG: spinlock recursion on CPU#0, swapper/0/0\n lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0,\n .owner_cpu: 0\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted\n 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT\nHardware name: MediaTek MT8365 Open Platform EVK (DT)\nCall trace:\n show_stack+0x18/0x24 (C)\n dump_stack_lvl+0x60/0x80\n dump_stack+0x18/0x24\n spin_dump+0x78/0x88\n do_raw_spin_lock+0x11c/0x120\n _raw_spin_lock+0x20/0x2c\n mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac]\n __handle_irq_event_percpu+0x48/0x140\n handle_irq_event+0x4c/0xb0\n handle_fasteoi_irq+0xa0/0x1bc\n handle_irq_desc+0x34/0x58\n generic_handle_domain_irq+0x1c/0x28\n gic_handle_irq+0x4c/0x120\n do_interrupt_handler+0x50/0x84\n el1_interrupt+0x34/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n regmap_mmio_read32le+0xc/0x20 (P)\n _regmap_bus_reg_read+0x6c/0xac\n _regmap_read+0x60/0xdc\n regmap_read+0x4c/0x80\n mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac]\n __napi_poll+0x38/0x188\n net_rx_action+0x164/0x2c0\n handle_softirqs+0x100/0x244\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x20\n call_on_irq_stack+0x24/0x64\n do_softirq_own_stack+0x1c/0x40\n __irq_exit_rcu+0xd4/0x10c\n irq_exit_rcu+0x10/0x1c\n el1_interrupt+0x38/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n cpuidle_enter_state+0xac/0x320 (P)\n cpuidle_enter+0x38/0x50\n do_idle+0x1e4/0x260\n cpu_startup_entry+0x34/0x3c\n rest_init+0xdc/0xe0\n console_on_rootfs+0x0/0x6c\n __primary_switched+0x88/0x90\n```",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37917",
"url": "https://www.suse.com/security/cve/CVE-2025-37917"
},
{
"category": "external",
"summary": "SUSE Bug 1243475 for CVE-2025-37917",
"url": "https://bugzilla.suse.com/1243475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37917"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix race condition in AF_XDP generic RX path\n\nMove rx_lock from xsk_socket to xsk_buff_pool.\nFix synchronization for shared umem mode in\ngeneric RX path where multiple sockets share\nsingle xsk_buff_pool.\n\nRX queue is exclusive to xsk_socket, while FILL\nqueue can be shared between multiple sockets.\nThis could result in race condition where two\nCPU cores access RX path of two different sockets\nsharing the same umem.\n\nProtect both queues by acquiring spinlock in shared\nxsk_buff_pool.\n\nLock contention may be minimized in the future by some\nper-thread FQ buffering.\n\nIt\u0027s safe and necessary to move spin_lock_bh(rx_lock)\nafter xsk_rcv_check():\n* xs-\u003epool and spinlock_init is synchronized by\n xsk_bind() -\u003e xsk_is_bound() memory barriers.\n* xsk_rcv_check() may return true at the moment\n of xsk_release() or xsk_unbind_dev(),\n however this will not cause any data races or\n race conditions. xsk_unbind_dev() removes xdp\n socket from all maps and waits for completion\n of all outstanding rx operations. Packets in\n RX path will either complete safely or drop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37920",
"url": "https://www.suse.com/security/cve/CVE-2025-37920"
},
{
"category": "external",
"summary": "SUSE Bug 1243479 for CVE-2025-37920",
"url": "https://bugzilla.suse.com/1243479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37920"
},
{
"cve": "CVE-2025-37921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: vnifilter: Fix unlocked deletion of default FDB entry\n\nWhen a VNI is deleted from a VXLAN device in \u0027vnifilter\u0027 mode, the FDB\nentry associated with the default remote (assuming one was configured)\nis deleted without holding the hash lock. This is wrong and will result\nin a warning [1] being generated by the lockdep annotation that was\nadded by commit ebe642067455 (\"vxlan: Create wrappers for FDB lookup\").\n\nReproducer:\n\n # ip link add vx0 up type vxlan dstport 4789 external vnifilter local 192.0.2.1\n # bridge vni add vni 10010 remote 198.51.100.1 dev vx0\n # bridge vni del vni 10010 dev vx0\n\nFix by acquiring the hash lock before the deletion and releasing it\nafterwards. Blame the original commit that introduced the issue rather\nthan the one that exposed it.\n\n[1]\nWARNING: CPU: 3 PID: 392 at drivers/net/vxlan/vxlan_core.c:417 vxlan_find_mac+0x17f/0x1a0\n[...]\nRIP: 0010:vxlan_find_mac+0x17f/0x1a0\n[...]\nCall Trace:\n \u003cTASK\u003e\n __vxlan_fdb_delete+0xbe/0x560\n vxlan_vni_delete_group+0x2ba/0x940\n vxlan_vni_del.isra.0+0x15f/0x580\n vxlan_process_vni_filter+0x38b/0x7b0\n vxlan_vnifilter_process+0x3bb/0x510\n rtnetlink_rcv_msg+0x2f7/0xb70\n netlink_rcv_skb+0x131/0x360\n netlink_unicast+0x426/0x710\n netlink_sendmsg+0x75a/0xc20\n __sock_sendmsg+0xc1/0x150\n ____sys_sendmsg+0x5aa/0x7b0\n ___sys_sendmsg+0xfc/0x180\n __sys_sendmsg+0x121/0x1b0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37921",
"url": "https://www.suse.com/security/cve/CVE-2025-37921"
},
{
"category": "external",
"summary": "SUSE Bug 1243480 for CVE-2025-37921",
"url": "https://bugzilla.suse.com/1243480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37921"
},
{
"cve": "CVE-2025-37923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(\u0026iter-\u003eseq) and PAGE_SIZE as an argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37923",
"url": "https://www.suse.com/security/cve/CVE-2025-37923"
},
{
"category": "external",
"summary": "SUSE Bug 1243551 for CVE-2025-37923",
"url": "https://bugzilla.suse.com/1243551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37923"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n\nThere is a string parsing logic error which can lead to an overflow of hid\nor uid buffers. Comparing ACPIID_LEN against a total string length doesn\u0027t\ntake into account the lengths of individual hid and uid buffers so the\ncheck is insufficient in some cases. For example if the length of hid\nstring is 4 and the length of the uid string is 260, the length of str\nwill be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer\nwhich size is 256.\n\nThe same applies to the hid string with length 13 and uid string with\nlength 250.\n\nCheck the length of hid and uid strings separately to prevent\nbuffer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37927",
"url": "https://www.suse.com/security/cve/CVE-2025-37927"
},
{
"category": "external",
"summary": "SUSE Bug 1243620 for CVE-2025-37927",
"url": "https://bugzilla.suse.com/1243620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37927"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Fix host hang issue during device reboot\n\nWhen the host loses heartbeat messages from the device,\nthe driver calls the device-specific ndo_stop function,\nwhich frees the resources. If the driver is unloaded in\nthis scenario, it calls ndo_stop again, attempting to free\nresources that have already been freed, leading to a host\nhang issue. To resolve this, dev_close should be called\ninstead of the device-specific stop function.dev_close\ninternally calls ndo_stop to stop the network interface\nand performs additional cleanup tasks. During the driver\nunload process, if the device is already down, ndo_stop\nis not called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37933",
"url": "https://www.suse.com/security/cve/CVE-2025-37933"
},
{
"category": "external",
"summary": "SUSE Bug 1243628 for CVE-2025-37933",
"url": "https://bugzilla.suse.com/1243628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37933"
},
{
"cve": "CVE-2025-37936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU\u0027s value.\n\nWhen generating the MSR_IA32_PEBS_ENABLE value that will be loaded on\nVM-Entry to a KVM guest, mask the value with the vCPU\u0027s desired PEBS_ENABLE\nvalue. Consulting only the host kernel\u0027s host vs. guest masks results in\nrunning the guest with PEBS enabled even when the guest doesn\u0027t want to use\nPEBS. Because KVM uses perf events to proxy the guest virtual PMU, simply\nlooking at exclude_host can\u0027t differentiate between events created by host\nuserspace, and events created by KVM on behalf of the guest.\n\nRunning the guest with PEBS unexpectedly enabled typically manifests as\ncrashes due to a near-infinite stream of #PFs. E.g. if the guest hasn\u0027t\nwritten MSR_IA32_DS_AREA, the CPU will hit page faults on address \u00270\u0027 when\ntrying to record PEBS events.\n\nThe issue is most easily reproduced by running `perf kvm top` from before\ncommit 7b100989b4f6 (\"perf evlist: Remove __evlist__add_default\") (after\nwhich, `perf kvm top` effectively stopped using PEBS).\tThe userspace side\nof perf creates a guest-only PEBS event, which intel_guest_get_msrs()\nmisconstrues a guest-*owned* PEBS event.\n\nArguably, this is a userspace bug, as enabling PEBS on guest-only events\nsimply cannot work, and userspace can kill VMs in many other ways (there\nis no danger to the host). However, even if this is considered to be bad\nuserspace behavior, there\u0027s zero downside to perf/KVM restricting PEBS to\nguest-owned events.\n\nNote, commit 854250329c02 (\"KVM: x86/pmu: Disable guest PEBS temporarily\nin two rare situations\") fixed the case where host userspace is profiling\nKVM *and* userspace, but missed the case where userspace is profiling only\nKVM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37936",
"url": "https://www.suse.com/security/cve/CVE-2025-37936"
},
{
"category": "external",
"summary": "SUSE Bug 1243537 for CVE-2025-37936",
"url": "https://bugzilla.suse.com/1243537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37936"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Verify event formats that have \"%*p..\"\n\nThe trace event verifier checks the formats of trace events to make sure\nthat they do not point at memory that is not in the trace event itself or\nin data that will never be freed. If an event references data that was\nallocated when the event triggered and that same data is freed before the\nevent is read, then the kernel can crash by reading freed memory.\n\nThe verifier runs at boot up (or module load) and scans the print formats\nof the events and checks their arguments to make sure that dereferenced\npointers are safe. If the format uses \"%*p..\" the verifier will ignore it,\nand that could be dangerous. Cover this case as well.\n\nAlso add to the sample code a use case of \"%*pbl\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37938",
"url": "https://www.suse.com/security/cve/CVE-2025-37938"
},
{
"category": "external",
"summary": "SUSE Bug 1243544 for CVE-2025-37938",
"url": "https://bugzilla.suse.com/1243544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37938"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY\n\nDSA has 2 kinds of drivers:\n\n1. Those who call dsa_switch_suspend() and dsa_switch_resume() from\n their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz\n2. Those who don\u0027t: all others. The above methods should be optional.\n\nFor type 1, dsa_switch_suspend() calls dsa_user_suspend() -\u003e phylink_stop(),\nand dsa_switch_resume() calls dsa_user_resume() -\u003e phylink_start().\nThese seem good candidates for setting mac_managed_pm = true because\nthat is essentially its definition [1], but that does not seem to be the\nbiggest problem for now, and is not what this change focuses on.\n\nTalking strictly about the 2nd category of DSA drivers here (which\ndo not have MAC managed PM, meaning that for their attached PHYs,\nmdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full),\nI have noticed that the following warning from mdio_bus_phy_resume() is\ntriggered:\n\n\tWARN_ON(phydev-\u003estate != PHY_HALTED \u0026\u0026 phydev-\u003estate != PHY_READY \u0026\u0026\n\t\tphydev-\u003estate != PHY_UP);\n\nbecause the PHY state machine is running.\n\nIt\u0027s running as a result of a previous dsa_user_open() -\u003e ... -\u003e\nphylink_start() -\u003e phy_start() having been initiated by the user.\n\nThe previous mdio_bus_phy_suspend() was supposed to have called\nphy_stop_machine(), but it didn\u0027t. So this is why the PHY is in state\nPHY_NOLINK by the time mdio_bus_phy_resume() runs.\n\nmdio_bus_phy_suspend() did not call phy_stop_machine() because for\nphylink, the phydev-\u003eadjust_link function pointer is NULL. This seems a\ntechnicality introduced by commit fddd91016d16 (\"phylib: fix PAL state\nmachine restart on resume\"). That commit was written before phylink\nexisted, and was intended to avoid crashing with consumer drivers which\ndon\u0027t use the PHY state machine - phylink always does, when using a PHY.\nBut phylink itself has historically not been developed with\nsuspend/resume in mind, and apparently not tested too much in that\nscenario, allowing this bug to exist unnoticed for so long. Plus, prior\nto the WARN_ON(), it would have likely been invisible.\n\nThis issue is not in fact restricted to type 2 DSA drivers (according to\nthe above ad-hoc classification), but can be extrapolated to any MAC\ndriver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where\nthe issue was reported. Assuming mac_managed_pm is set correctly, a\nquick search indicates the following other drivers might be affected:\n\n$ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm\ndrivers/net/ethernet/atheros/ag71xx.c\ndrivers/net/ethernet/microchip/sparx5/sparx5_main.c\ndrivers/net/ethernet/microchip/lan966x/lan966x_main.c\ndrivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c\ndrivers/net/ethernet/freescale/fs_enet/fs_enet-main.c\ndrivers/net/ethernet/freescale/dpaa/dpaa_eth.c\ndrivers/net/ethernet/freescale/ucc_geth.c\ndrivers/net/ethernet/freescale/enetc/enetc_pf_common.c\ndrivers/net/ethernet/marvell/mvpp2/mvpp2_main.c\ndrivers/net/ethernet/marvell/mvneta.c\ndrivers/net/ethernet/marvell/prestera/prestera_main.c\ndrivers/net/ethernet/mediatek/mtk_eth_soc.c\ndrivers/net/ethernet/altera/altera_tse_main.c\ndrivers/net/ethernet/wangxun/txgbe/txgbe_phy.c\ndrivers/net/ethernet/meta/fbnic/fbnic_phylink.c\ndrivers/net/ethernet/tehuti/tn40_phy.c\ndrivers/net/ethernet/mscc/ocelot_net.c\n\nMake the existing conditions dependent on the PHY device having a\nphydev-\u003ephy_link_change() implementation equal to the default\nphy_link_change() provided by phylib. Otherwise, we implicitly know that\nthe phydev has the phylink-provided phylink_phy_change() callback, and\nwhen phylink is used, the PHY state machine always needs to be stopped/\nstarted on the suspend/resume path. The code is structured as such that\nif phydev-\u003ephy_link_change() is absent, it is a matter of time until the\nkernel will crash - no need to further complicate the test.\n\nThus, for the situation where the PM is not managed b\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37945",
"url": "https://www.suse.com/security/cve/CVE-2025-37945"
},
{
"category": "external",
"summary": "SUSE Bug 1243538 for CVE-2025-37945",
"url": "https://bugzilla.suse.com/1243538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37945"
},
{
"cve": "CVE-2025-37946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs\n\nWith commit bcb5d6c76903 (\"s390/pci: introduce lock to synchronize state\nof zpci_dev\u0027s\") the code to ignore power off of a PF that has child VFs\nwas changed from a direct return to a goto to the unlock and\npci_dev_put() section. The change however left the existing pci_dev_put()\nuntouched resulting in a doubple put. This can subsequently cause a use\nafter free if the struct pci_dev is released in an unexpected state.\nFix this by removing the extra pci_dev_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37946",
"url": "https://www.suse.com/security/cve/CVE-2025-37946"
},
{
"category": "external",
"summary": "SUSE Bug 1243506 for CVE-2025-37946",
"url": "https://bugzilla.suse.com/1243506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37946"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix uninit-value for saddr in do_output_route4\n\nsyzbot reports for uninit-value for the saddr argument [1].\ncommit 4754957f04f5 (\"ipvs: do not use random local source address for\ntunnels\") already implies that the input value of saddr\nshould be ignored but the code is still reading it which can prevent\nto connect the route. Fix it by changing the argument to ret_saddr.\n\n[1]\nBUG: KMSAN: uninit-value in do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n do_output_route4+0x42c/0x4d0 net/netfilter/ipvs/ip_vs_xmit.c:147\n __ip_vs_get_out_rt+0x403/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:330\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4167 [inline]\n slab_alloc_node mm/slub.c:4210 [inline]\n __kmalloc_cache_noprof+0x8fa/0xe00 mm/slub.c:4367\n kmalloc_noprof include/linux/slab.h:905 [inline]\n ip_vs_dest_dst_alloc net/netfilter/ipvs/ip_vs_xmit.c:61 [inline]\n __ip_vs_get_out_rt+0x35d/0x21d0 net/netfilter/ipvs/ip_vs_xmit.c:323\n ip_vs_tunnel_xmit+0x205/0x2380 net/netfilter/ipvs/ip_vs_xmit.c:1136\n ip_vs_in_hook+0x1aa5/0x35b0 net/netfilter/ipvs/ip_vs_core.c:2063\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf7/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n __ip_local_out+0x758/0x7e0 net/ipv4/ip_output.c:118\n ip_local_out net/ipv4/ip_output.c:127 [inline]\n ip_send_skb+0x6a/0x3c0 net/ipv4/ip_output.c:1501\n udp_send_skb+0xfda/0x1b70 net/ipv4/udp.c:1195\n udp_sendmsg+0x2fe3/0x33c0 net/ipv4/udp.c:1483\n inet_sendmsg+0x1fc/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x267/0x380 net/socket.c:727\n ____sys_sendmsg+0x91b/0xda0 net/socket.c:2566\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2620\n __sys_sendmmsg+0x41d/0x880 net/socket.c:2702\n __compat_sys_sendmmsg net/compat.c:360 [inline]\n __do_compat_sys_sendmmsg net/compat.c:367 [inline]\n __se_compat_sys_sendmmsg net/compat.c:364 [inline]\n __ia32_compat_sys_sendmmsg+0xc8/0x140 net/compat.c:364\n ia32_sys_call+0x3ffa/0x41f0 arch/x86/include/generated/asm/syscalls_32.h:346\n do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/syscall_32.c:306\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nCPU: 0 UID: 0 PID: 22408 Comm: syz.4.5165 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(undef)\nHardware name: Google Google Compute Engi\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37961",
"url": "https://www.suse.com/security/cve/CVE-2025-37961"
},
{
"category": "external",
"summary": "SUSE Bug 1243523 for CVE-2025-37961",
"url": "https://bugzilla.suse.com/1243523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37961"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix deadlock\n\nThis patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlock\nfunctions to the UCSI driver. ucsi_con_mutex_lock ensures the connector\nmutex is only locked if a connection is established and the partner pointer\nis valid. This resolves a deadlock scenario where\nucsi_displayport_remove_partner holds con-\u003emutex waiting for\ndp_altmode_work to complete while dp_altmode_work attempts to acquire it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37967",
"url": "https://www.suse.com/security/cve/CVE-2025-37967"
},
{
"category": "external",
"summary": "SUSE Bug 1243572 for CVE-2025-37967",
"url": "https://bugzilla.suse.com/1243572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37967"
},
{
"cve": "CVE-2025-37968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: opt3001: fix deadlock due to concurrent flag access\n\nThe threaded IRQ function in this driver is reading the flag twice: once to\nlock a mutex and once to unlock it. Even though the code setting the flag\nis designed to prevent it, there are subtle cases where the flag could be\ntrue at the mutex_lock stage and false at the mutex_unlock stage. This\nresults in the mutex not being unlocked, resulting in a deadlock.\n\nFix it by making the opt3001_irq() code generally more robust, reading the\nflag into a variable and using the variable value at both stages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37968",
"url": "https://www.suse.com/security/cve/CVE-2025-37968"
},
{
"category": "external",
"summary": "SUSE Bug 1243571 for CVE-2025-37968",
"url": "https://bugzilla.suse.com/1243571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37968"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation\n\nCurrently during the multi-link element defragmentation process, the\nmulti-link element length added to the total IEs length when calculating\nthe length of remaining IEs after the multi-link element in\ncfg80211_defrag_mle(). This could lead to out-of-bounds access if the\nmulti-link element or its corresponding fragment elements are the last\nelements in the IEs buffer.\n\nTo address this issue, correctly calculate the remaining IEs length by\ndeducting the multi-link element end offset from total IEs end offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37973",
"url": "https://www.suse.com/security/cve/CVE-2025-37973"
},
{
"category": "external",
"summary": "SUSE Bug 1244172 for CVE-2025-37973",
"url": "https://bugzilla.suse.com/1244172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37973"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()\n\nHerbert notes that DIV_ROUND_UP() may overflow unnecessarily if an ecdsa\nimplementation\u0027s -\u003ekey_size() callback returns an unusually large value.\nHerbert instead suggests (for a division by 8):\n\n X / 8 + !!(X \u0026 7)\n\nBased on this formula, introduce a generic DIV_ROUND_UP_POW2() macro and\nuse it in lieu of DIV_ROUND_UP() for -\u003ekey_size() return values.\n\nAdditionally, use the macro in ecc_digits_from_bytes(), whose \"nbytes\"\nparameter is a -\u003ekey_size() return value in some instances, or a\nuser-specified ASN.1 length in the case of ecdsa_get_signature_rs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37984",
"url": "https://www.suse.com/security/cve/CVE-2025-37984"
},
{
"category": "external",
"summary": "SUSE Bug 1243669 for CVE-2025-37984",
"url": "https://bugzilla.suse.com/1243669"
},
{
"category": "external",
"summary": "SUSE Bug 1243670 for CVE-2025-37984",
"url": "https://bugzilla.suse.com/1243670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37984"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent possible adminq overflow/stuck condition\n\nThe pds_core\u0027s adminq is protected by the adminq_lock, which prevents\nmore than 1 command to be posted onto it at any one time. This makes it\nso the client drivers cannot simultaneously post adminq commands.\nHowever, the completions happen in a different context, which means\nmultiple adminq commands can be posted sequentially and all waiting\non completion.\n\nOn the FW side, the backing adminq request queue is only 16 entries\nlong and the retry mechanism and/or overflow/stuck prevention is\nlacking. This can cause the adminq to get stuck, so commands are no\nlonger processed and completions are no longer sent by the FW.\n\nAs an initial fix, prevent more than 16 outstanding adminq commands so\nthere\u0027s no way to cause the adminq from getting stuck. This works\nbecause the backing adminq request queue will never have more than 16\npending adminq commands, so it will never overflow. This is done by\nreducing the adminq depth to 16.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37987",
"url": "https://www.suse.com/security/cve/CVE-2025-37987"
},
{
"category": "external",
"summary": "SUSE Bug 1243542 for CVE-2025-37987",
"url": "https://bugzilla.suse.com/1243542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37987"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-37992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Flush gso_skb list too during -\u003echange()\n\nPreviously, when reducing a qdisc\u0027s limit via the -\u003echange() operation, only\nthe main skb queue was trimmed, potentially leaving packets in the gso_skb\nlist. This could result in NULL pointer dereference when we only check\nsch-\u003elimit against sch-\u003eq.qlen.\n\nThis patch introduces a new helper, qdisc_dequeue_internal(), which ensures\nboth the gso_skb list and the main queue are properly flushed when trimming\nexcess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie)\nare updated to use this helper in their -\u003echange() routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37992",
"url": "https://www.suse.com/security/cve/CVE-2025-37992"
},
{
"category": "external",
"summary": "SUSE Bug 1243698 for CVE-2025-37992",
"url": "https://bugzilla.suse.com/1243698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37992"
},
{
"cve": "CVE-2025-37994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix NULL pointer access\n\nThis patch ensures that the UCSI driver waits for all pending tasks in the\nucsi_displayport_work workqueue to finish executing before proceeding with\nthe partner removal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37994",
"url": "https://www.suse.com/security/cve/CVE-2025-37994"
},
{
"category": "external",
"summary": "SUSE Bug 1243823 for CVE-2025-37994",
"url": "https://bugzilla.suse.com/1243823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37994"
},
{
"cve": "CVE-2025-37995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: ensure that kobject_put() is safe for module type kobjects\n\nIn \u0027lookup_or_create_module_kobject()\u0027, an internal kobject is created\nusing \u0027module_ktype\u0027. So call to \u0027kobject_put()\u0027 on error handling\npath causes an attempt to use an uninitialized completion pointer in\n\u0027module_kobject_release()\u0027. In this scenario, we just want to release\nkobject without an extra synchronization required for a regular module\nunloading process, so adding an extra check whether \u0027complete()\u0027 is\nactually required makes \u0027kobject_put()\u0027 safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37995",
"url": "https://www.suse.com/security/cve/CVE-2025-37995"
},
{
"category": "external",
"summary": "SUSE Bug 1243827 for CVE-2025-37995",
"url": "https://bugzilla.suse.com/1243827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-37995"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-37998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: Fix unsafe attribute parsing in output_userspace()\n\nThis patch replaces the manual Netlink attribute iteration in\noutput_userspace() with nla_for_each_nested(), which ensures that only\nwell-formed attributes are processed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37998",
"url": "https://www.suse.com/security/cve/CVE-2025-37998"
},
{
"category": "external",
"summary": "SUSE Bug 1243836 for CVE-2025-37998",
"url": "https://bugzilla.suse.com/1243836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-37998"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add missing rcu read protection for procfs content\n\nWhen the procfs content is generated for a bcm_op which is in the process\nto be removed the procfs output might show unreliable data (UAF).\n\nAs the removal of bcm_op\u0027s is already implemented with rcu handling this\npatch adds the missing rcu_read_lock() and makes sure the list entries\nare properly removed under rcu protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38003",
"url": "https://www.suse.com/security/cve/CVE-2025-38003"
},
{
"category": "external",
"summary": "SUSE Bug 1244275 for CVE-2025-38003",
"url": "https://bugzilla.suse.com/1244275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38003"
},
{
"cve": "CVE-2025-38004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: add locking for bcm_op runtime updates\n\nThe CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via\nhrtimer. The content and also the length of the sequence can be changed\nresp reduced at runtime where the \u0027currframe\u0027 counter is then set to zero.\n\nAlthough this appeared to be a safe operation the updates of \u0027currframe\u0027\ncan be triggered from user space and hrtimer context in bcm_can_tx().\nAnderson Nascimento created a proof of concept that triggered a KASAN\nslab-out-of-bounds read access which can be prevented with a spin_lock_bh.\n\nAt the rework of bcm_can_tx() the \u0027count\u0027 variable has been moved into\nthe protected section as this variable can be modified from both contexts\ntoo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38004",
"url": "https://www.suse.com/security/cve/CVE-2025-38004"
},
{
"category": "external",
"summary": "SUSE Bug 1244274 for CVE-2025-38004",
"url": "https://bugzilla.suse.com/1244274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38004"
},
{
"cve": "CVE-2025-38005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma: Add missing locking\n\nRecent kernels complain about a missing lock in k3-udma.c when the lock\nvalidator is enabled:\n\n[ 4.128073] WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h:169 udma_start.isra.0+0x34/0x238\n[ 4.137352] CPU: 0 UID: 0 PID: 746 Comm: kworker/0:3 Not tainted 6.12.9-arm64 #28\n[ 4.144867] Hardware name: pp-v12 (DT)\n[ 4.148648] Workqueue: events udma_check_tx_completion\n[ 4.153841] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.160834] pc : udma_start.isra.0+0x34/0x238\n[ 4.165227] lr : udma_start.isra.0+0x30/0x238\n[ 4.169618] sp : ffffffc083cabcf0\n[ 4.172963] x29: ffffffc083cabcf0 x28: 0000000000000000 x27: ffffff800001b005\n[ 4.180167] x26: ffffffc0812f0000 x25: 0000000000000000 x24: 0000000000000000\n[ 4.187370] x23: 0000000000000001 x22: 00000000e21eabe9 x21: ffffff8000fa0670\n[ 4.194571] x20: ffffff8001b6bf00 x19: ffffff8000fa0430 x18: ffffffc083b95030\n[ 4.201773] x17: 0000000000000000 x16: 00000000f0000000 x15: 0000000000000048\n[ 4.208976] x14: 0000000000000048 x13: 0000000000000000 x12: 0000000000000001\n[ 4.216179] x11: ffffffc08151a240 x10: 0000000000003ea1 x9 : ffffffc08046ab68\n[ 4.223381] x8 : ffffffc083cabac0 x7 : ffffffc081df3718 x6 : 0000000000029fc8\n[ 4.230583] x5 : ffffffc0817ee6d8 x4 : 0000000000000bc0 x3 : 0000000000000000\n[ 4.237784] x2 : 0000000000000000 x1 : 00000000001fffff x0 : 0000000000000000\n[ 4.244986] Call trace:\n[ 4.247463] udma_start.isra.0+0x34/0x238\n[ 4.251509] udma_check_tx_completion+0xd0/0xdc\n[ 4.256076] process_one_work+0x244/0x3fc\n[ 4.260129] process_scheduled_works+0x6c/0x74\n[ 4.264610] worker_thread+0x150/0x1dc\n[ 4.268398] kthread+0xd8/0xe8\n[ 4.271492] ret_from_fork+0x10/0x20\n[ 4.275107] irq event stamp: 220\n[ 4.278363] hardirqs last enabled at (219): [\u003cffffffc080a27c7c\u003e] _raw_spin_unlock_irq+0x38/0x50\n[ 4.287183] hardirqs last disabled at (220): [\u003cffffffc080a1c154\u003e] el1_dbg+0x24/0x50\n[ 4.294879] softirqs last enabled at (182): [\u003cffffffc080037e68\u003e] handle_softirqs+0x1c0/0x3cc\n[ 4.303437] softirqs last disabled at (177): [\u003cffffffc080010170\u003e] __do_softirq+0x1c/0x28\n[ 4.311559] ---[ end trace 0000000000000000 ]---\n\nThis commit adds the missing locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38005",
"url": "https://www.suse.com/security/cve/CVE-2025-38005"
},
{
"category": "external",
"summary": "SUSE Bug 1244727 for CVE-2025-38005",
"url": "https://bugzilla.suse.com/1244727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38005"
},
{
"cve": "CVE-2025-38007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Add NULL check in uclogic_input_configured()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nuclogic_input_configured() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38007",
"url": "https://www.suse.com/security/cve/CVE-2025-38007"
},
{
"category": "external",
"summary": "SUSE Bug 1244938 for CVE-2025-38007",
"url": "https://bugzilla.suse.com/1244938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38007"
},
{
"cve": "CVE-2025-38009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: disable napi on driver removal\n\nA warning on driver removal started occurring after commit 9dd05df8403b\n(\"net: warn if NAPI instance wasn\u0027t shut down\"). Disable tx napi before\ndeleting it in mt76_dma_cleanup().\n\n WARNING: CPU: 4 PID: 18828 at net/core/dev.c:7288 __netif_napi_del_locked+0xf0/0x100\n CPU: 4 UID: 0 PID: 18828 Comm: modprobe Not tainted 6.15.0-rc4 #4 PREEMPT(lazy)\n Hardware name: ASUS System Product Name/PRIME X670E-PRO WIFI, BIOS 3035 09/05/2024\n RIP: 0010:__netif_napi_del_locked+0xf0/0x100\n Call Trace:\n \u003cTASK\u003e\n mt76_dma_cleanup+0x54/0x2f0 [mt76]\n mt7921_pci_remove+0xd5/0x190 [mt7921e]\n pci_device_remove+0x47/0xc0\n device_release_driver_internal+0x19e/0x200\n driver_detach+0x48/0x90\n bus_remove_driver+0x6d/0xf0\n pci_unregister_driver+0x2e/0xb0\n __do_sys_delete_module.isra.0+0x197/0x2e0\n do_syscall_64+0x7b/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nTested with mt7921e but the same pattern can be actually applied to other\nmt76 drivers calling mt76_dma_cleanup() during removal. Tx napi is enabled\nin their *_dma_init() functions and only toggled off and on again inside\ntheir suspend/resume/reset paths. So it should be okay to disable tx\nnapi in such a generic way.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38009",
"url": "https://www.suse.com/security/cve/CVE-2025-38009"
},
{
"category": "external",
"summary": "SUSE Bug 1244995 for CVE-2025-38009",
"url": "https://bugzilla.suse.com/1244995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-38009"
},
{
"cve": "CVE-2025-38010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Use a bitmask for UTMI pad power state tracking\n\nThe current implementation uses bias_pad_enable as a reference count to\nmanage the shared bias pad for all UTMI PHYs. However, during system\nsuspension with connected USB devices, multiple power-down requests for\nthe UTMI pad result in a mismatch in the reference count, which in turn\nproduces warnings such as:\n\n[ 237.762967] WARNING: CPU: 10 PID: 1618 at tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763103] Call trace:\n[ 237.763104] tegra186_utmi_pad_power_down+0x160/0x170\n[ 237.763107] tegra186_utmi_phy_power_off+0x10/0x30\n[ 237.763110] phy_power_off+0x48/0x100\n[ 237.763113] tegra_xusb_enter_elpg+0x204/0x500\n[ 237.763119] tegra_xusb_suspend+0x48/0x140\n[ 237.763122] platform_pm_suspend+0x2c/0xb0\n[ 237.763125] dpm_run_callback.isra.0+0x20/0xa0\n[ 237.763127] __device_suspend+0x118/0x330\n[ 237.763129] dpm_suspend+0x10c/0x1f0\n[ 237.763130] dpm_suspend_start+0x88/0xb0\n[ 237.763132] suspend_devices_and_enter+0x120/0x500\n[ 237.763135] pm_suspend+0x1ec/0x270\n\nThe root cause was traced back to the dynamic power-down changes\nintroduced in commit a30951d31b25 (\"xhci: tegra: USB2 pad power controls\"),\nwhere the UTMI pad was being powered down without verifying its current\nstate. This unbalanced behavior led to discrepancies in the reference\ncount.\n\nTo rectify this issue, this patch replaces the single reference counter\nwith a bitmask, renamed to utmi_pad_enabled. Each bit in the mask\ncorresponds to one of the four USB2 PHYs, allowing us to track each pad\u0027s\nenablement status individually.\n\nWith this change:\n - The bias pad is powered on only when the mask is clear.\n - Each UTMI pad is powered on or down based on its corresponding bit\n in the mask, preventing redundant operations.\n - The overall power state of the shared bias pad is maintained\n correctly during suspend/resume cycles.\n\nThe mutex used to prevent race conditions during UTMI pad enable/disable\noperations has been moved from the tegra186_utmi_bias_pad_power_on/off\nfunctions to the parent functions tegra186_utmi_pad_power_on/down. This\nchange ensures that there are no race conditions when updating the bitmask.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38010",
"url": "https://www.suse.com/security/cve/CVE-2025-38010"
},
{
"category": "external",
"summary": "SUSE Bug 1244996 for CVE-2025-38010",
"url": "https://bugzilla.suse.com/1244996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-38010"
},
{
"cve": "CVE-2025-38011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: csa unmap use uninterruptible lock\n\nAfter process exit to unmap csa and free GPU vm, if signal is accepted\nand then waiting to take vm lock is interrupted and return, it causes\nmemory leaking and below warning backtrace.\n\nChange to use uninterruptible wait lock fix the issue.\n\nWARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525\n amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu]\n Call Trace:\n \u003cTASK\u003e\n drm_file_free.part.0+0x1da/0x230 [drm]\n drm_close_helper.isra.0+0x65/0x70 [drm]\n drm_release+0x6a/0x120 [drm]\n amdgpu_drm_release+0x51/0x60 [amdgpu]\n __fput+0x9f/0x280\n ____fput+0xe/0x20\n task_work_run+0x67/0xa0\n do_exit+0x217/0x3c0\n do_group_exit+0x3b/0xb0\n get_signal+0x14a/0x8d0\n arch_do_signal_or_restart+0xde/0x100\n exit_to_user_mode_loop+0xc1/0x1a0\n exit_to_user_mode_prepare+0xf4/0x100\n syscall_exit_to_user_mode+0x17/0x40\n do_syscall_64+0x69/0xc0\n\n(cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38011",
"url": "https://www.suse.com/security/cve/CVE-2025-38011"
},
{
"category": "external",
"summary": "SUSE Bug 1244729 for CVE-2025-38011",
"url": "https://bugzilla.suse.com/1244729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38011"
},
{
"cve": "CVE-2025-38013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request\n\nMake sure that n_channels is set after allocating the\nstruct cfg80211_registered_device::int_scan_req member. Seen with\nsyzkaller:\n\nUBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5\nindex 0 is out of range for type \u0027struct ieee80211_channel *[] __counted_by(n_channels)\u0027 (aka \u0027struct ieee80211_channel *[]\u0027)\n\nThis was missed in the initial conversions because I failed to locate\nthe allocation likely due to the \"sizeof(void *)\" not matching the\n\"channels\" array type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38013",
"url": "https://www.suse.com/security/cve/CVE-2025-38013"
},
{
"category": "external",
"summary": "SUSE Bug 1244731 for CVE-2025-38013",
"url": "https://bugzilla.suse.com/1244731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38013"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix memory leak in error handling path of idxd_alloc\n\nMemory allocated for idxd is not freed if an error occurs during\nidxd_alloc(). To fix it, free the allocated memory in the reverse order\nof allocation before exiting the function in case of an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38015",
"url": "https://www.suse.com/security/cve/CVE-2025-38015"
},
{
"category": "external",
"summary": "SUSE Bug 1244789 for CVE-2025-38015",
"url": "https://bugzilla.suse.com/1244789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38015"
},
{
"cve": "CVE-2025-38018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: fix kernel panic when alloc_page failed\n\nWe cannot set frag_list to NULL pointer when alloc_page failed.\nIt will be used in tls_strp_check_queue_ok when the next time\ntls_strp_read_sock is called.\n\nThis is because we don\u0027t reset full_len in tls_strp_flush_anchor_copy()\nso the recv path will try to continue handling the partial record\non the next call but we dettached the rcvq from the frag list.\nAlternative fix would be to reset full_len.\n\nUnable to handle kernel NULL pointer dereference\nat virtual address 0000000000000028\n Call trace:\n tls_strp_check_rcv+0x128/0x27c\n tls_strp_data_ready+0x34/0x44\n tls_data_ready+0x3c/0x1f0\n tcp_data_ready+0x9c/0xe4\n tcp_data_queue+0xf6c/0x12d0\n tcp_rcv_established+0x52c/0x798",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38018",
"url": "https://www.suse.com/security/cve/CVE-2025-38018"
},
{
"category": "external",
"summary": "SUSE Bug 1244999 for CVE-2025-38018",
"url": "https://bugzilla.suse.com/1244999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38018"
},
{
"cve": "CVE-2025-38020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Disable MACsec offload for uplink representor profile\n\nMACsec offload is not supported in switchdev mode for uplink\nrepresentors. When switching to the uplink representor profile, the\nMACsec offload feature must be cleared from the netdevice\u0027s features.\n\nIf left enabled, attempts to add offloads result in a null pointer\ndereference, as the uplink representor does not support MACsec offload\neven though the feature bit remains set.\n\nClear NETIF_F_HW_MACSEC in mlx5e_fix_uplink_rep_features().\n\nKernel log:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 29 UID: 0 PID: 4714 Comm: ip Not tainted 6.14.0-rc4_for_upstream_debug_2025_03_02_17_35 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__mutex_lock+0x128/0x1dd0\nCode: d0 7c 08 84 d2 0f 85 ad 15 00 00 8b 35 91 5c fe 03 85 f6 75 29 49 8d 7e 60 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 a6 15 00 00 4d 3b 76 60 0f 85 fd 0b 00 00 65 ff\nRSP: 0018:ffff888147a4f160 EFLAGS: 00010206\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000001\nRDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000078\nRBP: ffff888147a4f2e0 R08: ffffffffa05d2c19 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: 0000000000000018 R15: ffff888152de0000\nFS: 00007f855e27d800(0000) GS:ffff88881ee80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000004e5768 CR3: 000000013ae7c005 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x3d/0xa0\n ? exc_general_protection+0x144/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? __mutex_lock+0x128/0x1dd0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mutex_lock_io_nested+0x1ae0/0x1ae0\n ? lock_acquire+0x1c2/0x530\n ? macsec_upd_offload+0x145/0x380\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n ? __kasan_kmalloc+0x77/0x90\n ? __kmalloc_noprof+0x249/0x6b0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0xb5/0x240\n ? mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n mlx5e_macsec_add_secy+0xf9/0x700 [mlx5_core]\n ? mlx5e_macsec_add_rxsa+0x11a0/0x11a0 [mlx5_core]\n macsec_update_offload+0x26c/0x820\n ? macsec_set_mac_address+0x4b0/0x4b0\n ? lockdep_hardirqs_on_prepare+0x284/0x400\n ? _raw_spin_unlock_irqrestore+0x47/0x50\n macsec_upd_offload+0x2c8/0x380\n ? macsec_update_offload+0x820/0x820\n ? __nla_parse+0x22/0x30\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x15e/0x240\n genl_family_rcv_msg_doit+0x1cc/0x2a0\n ? genl_family_rcv_msg_attrs_parse.constprop.0+0x240/0x240\n ? cap_capable+0xd4/0x330\n genl_rcv_msg+0x3ea/0x670\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? macsec_update_offload+0x820/0x820\n netlink_rcv_skb+0x12b/0x390\n ? genl_family_rcv_msg_dumpit+0x2a0/0x2a0\n ? netlink_ack+0xd80/0xd80\n ? rwsem_down_read_slowpath+0xf90/0xf90\n ? netlink_deliver_tap+0xcd/0xac0\n ? netlink_deliver_tap+0x155/0xac0\n ? _copy_from_iter+0x1bb/0x12c0\n genl_rcv+0x24/0x40\n netlink_unicast+0x440/0x700\n ? netlink_attachskb+0x760/0x760\n ? lock_acquire+0x1c2/0x530\n ? __might_fault+0xbb/0x170\n netlink_sendmsg+0x749/0xc10\n ? netlink_unicast+0x700/0x700\n ? __might_fault+0xbb/0x170\n ? netlink_unicast+0x700/0x700\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x53f/0x760\n ? import_iovec+0x7/0x10\n ? kernel_sendmsg+0x30/0x30\n ? __copy_msghdr+0x3c0/0x3c0\n ? filter_irq_stacks+0x90/0x90\n ? stack_depot_save_flags+0x28/0xa30\n ___sys_sen\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38020",
"url": "https://www.suse.com/security/cve/CVE-2025-38020"
},
{
"category": "external",
"summary": "SUSE Bug 1245001 for CVE-2025-38020",
"url": "https://bugzilla.suse.com/1245001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38020"
},
{
"cve": "CVE-2025-38022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem\n\nCall Trace:\n\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n strlen+0x93/0xa0 lib/string.c:420\n __fortify_strlen include/linux/fortify-string.h:268 [inline]\n get_kobj_path_length lib/kobject.c:118 [inline]\n kobject_get_path+0x3f/0x2a0 lib/kobject.c:158\n kobject_uevent_env+0x289/0x1870 lib/kobject_uevent.c:545\n ib_register_device drivers/infiniband/core/device.c:1472 [inline]\n ib_register_device+0x8cf/0xe00 drivers/infiniband/core/device.c:1393\n rxe_register_device+0x275/0x320 drivers/infiniband/sw/rxe/rxe_verbs.c:1552\n rxe_net_add+0x8e/0xe0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0x70/0x190 drivers/infiniband/sw/rxe/rxe.c:225\n nldev_newlink+0x3a3/0x680 drivers/infiniband/core/nldev.c:1796\n rdma_nl_rcv_msg+0x387/0x6e0 drivers/infiniband/core/netlink.c:195\n rdma_nl_rcv_skb.constprop.0.isra.0+0x2e5/0x450\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x53a/0x7f0 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8d1/0xdd0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n ____sys_sendmsg+0xa95/0xc70 net/socket.c:2566\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2620\n __sys_sendmsg+0x16d/0x220 net/socket.c:2652\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThis problem is similar to the problem that the\ncommit 1d6a9e7449e2 (\"RDMA/core: Fix use-after-free when rename device name\")\nfixes.\n\nThe root cause is: the function ib_device_rename() renames the name with\nlock. But in the function kobject_uevent(), this name is accessed without\nlock protection at the same time.\n\nThe solution is to add the lock protection when this name is accessed in\nthe function kobject_uevent().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38022",
"url": "https://www.suse.com/security/cve/CVE-2025-38022"
},
{
"category": "external",
"summary": "SUSE Bug 1245003 for CVE-2025-38022",
"url": "https://bugzilla.suse.com/1245003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38022"
},
{
"cve": "CVE-2025-38023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: handle failure of nfs_get_lock_context in unlock path\n\nWhen memory is insufficient, the allocation of nfs_lock_context in\nnfs_get_lock_context() fails and returns -ENOMEM. If we mistakenly treat\nan nfs4_unlockdata structure (whose l_ctx member has been set to -ENOMEM)\nas valid and proceed to execute rpc_run_task(), this will trigger a NULL\npointer dereference in nfs4_locku_prepare. For example:\n\nBUG: kernel NULL pointer dereference, address: 000000000000000c\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 15 UID: 0 PID: 12 Comm: kworker/u64:0 Not tainted 6.15.0-rc2-dirty #60\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40\nWorkqueue: rpciod rpc_async_schedule\nRIP: 0010:nfs4_locku_prepare+0x35/0xc2\nCode: 89 f2 48 89 fd 48 c7 c7 68 69 ef b5 53 48 8b 8e 90 00 00 00 48 89 f3\nRSP: 0018:ffffbbafc006bdb8 EFLAGS: 00010246\nRAX: 000000000000004b RBX: ffff9b964fc1fa00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: fffffffffffffff4 RDI: ffff9ba53fddbf40\nRBP: ffff9ba539934000 R08: 0000000000000000 R09: ffffbbafc006bc38\nR10: ffffffffb6b689c8 R11: 0000000000000003 R12: ffff9ba539934030\nR13: 0000000000000001 R14: 0000000004248060 R15: ffffffffb56d1c30\nFS: 0000000000000000(0000) GS:ffff9ba5881f0000(0000) knlGS:00000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000000c CR3: 000000093f244000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __rpc_execute+0xbc/0x480\n rpc_async_schedule+0x2f/0x40\n process_one_work+0x232/0x5d0\n worker_thread+0x1da/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x240\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in:\nCR2: 000000000000000c\n---[ end trace 0000000000000000 ]---\n\nFree the allocated nfs4_unlockdata when nfs_get_lock_context() fails and\nreturn NULL to terminate subsequent rpc_run_task, preventing NULL pointer\ndereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38023",
"url": "https://www.suse.com/security/cve/CVE-2025-38023"
},
{
"category": "external",
"summary": "SUSE Bug 1245004 for CVE-2025-38023",
"url": "https://bugzilla.suse.com/1245004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38023"
},
{
"cve": "CVE-2025-38024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcf/0x610 mm/kasan/report.c:489\n kasan_report+0xb5/0xe0 mm/kasan/report.c:602\n rxe_queue_cleanup+0xd0/0xe0 drivers/infiniband/sw/rxe/rxe_queue.c:195\n rxe_cq_cleanup+0x3f/0x50 drivers/infiniband/sw/rxe/rxe_cq.c:132\n __rxe_cleanup+0x168/0x300 drivers/infiniband/sw/rxe/rxe_pool.c:232\n rxe_create_cq+0x22e/0x3a0 drivers/infiniband/sw/rxe/rxe_verbs.c:1109\n create_cq+0x658/0xb90 drivers/infiniband/core/uverbs_cmd.c:1052\n ib_uverbs_create_cq+0xc7/0x120 drivers/infiniband/core/uverbs_cmd.c:1095\n ib_uverbs_write+0x969/0xc90 drivers/infiniband/core/uverbs_main.c:679\n vfs_write fs/read_write.c:677 [inline]\n vfs_write+0x26a/0xcc0 fs/read_write.c:659\n ksys_write+0x1b8/0x200 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nIn the function rxe_create_cq, when rxe_cq_from_init fails, the function\nrxe_cleanup will be called to handle the allocated resources. In fact,\nsome memory resources have already been freed in the function\nrxe_cq_from_init. Thus, this problem will occur.\n\nThe solution is to let rxe_cleanup do all the work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38024",
"url": "https://www.suse.com/security/cve/CVE-2025-38024"
},
{
"category": "external",
"summary": "SUSE Bug 1245025 for CVE-2025-38024",
"url": "https://bugzilla.suse.com/1245025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38024"
},
{
"cve": "CVE-2025-38027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: max20086: fix invalid memory access\n\nmax20086_parse_regulators_dt() calls of_regulator_match() using an\narray of struct of_regulator_match allocated on the stack for the\nmatches argument.\n\nof_regulator_match() calls devm_of_regulator_put_matches(), which calls\ndevres_alloc() to allocate a struct devm_of_regulator_matches which will\nbe de-allocated using devm_of_regulator_put_matches().\n\nstruct devm_of_regulator_matches is populated with the stack allocated\nmatches array.\n\nIf the device fails to probe, devm_of_regulator_put_matches() will be\ncalled and will try to call of_node_put() on that stack pointer,\ngenerating the following dmesg entries:\n\nmax20086 6-0028: Failed to read DEVICE_ID reg: -121\nkobject: \u0027\\xc0$\\xa5\\x03\u0027 (000000002cebcb7a): is not initialized, yet\nkobject_put() is being called.\n\nFollowed by a stack trace matching the call flow described above.\n\nSwitch to allocating the matches array using devm_kcalloc() to\navoid accessing the stack pointer long after it\u0027s out of scope.\n\nThis also has the advantage of allowing multiple max20086 to probe\nwithout overriding the data stored inside the global of_regulator_match.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38027",
"url": "https://www.suse.com/security/cve/CVE-2025-38027"
},
{
"category": "external",
"summary": "SUSE Bug 1245042 for CVE-2025-38027",
"url": "https://bugzilla.suse.com/1245042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38027"
},
{
"cve": "CVE-2025-38031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: do not leak refcount in reorder_work\n\nA recent patch that addressed a UAF introduced a reference count leak:\nthe parallel_data refcount is incremented unconditionally, regardless\nof the return value of queue_work(). If the work item is already queued,\nthe incremented refcount is never decremented.\n\nFix this by checking the return value of queue_work() and decrementing\nthe refcount when necessary.\n\nResolves:\n\nUnreferenced object 0xffff9d9f421e3d80 (size 192):\n comm \"cryptomgr_probe\", pid 157, jiffies 4294694003\n hex dump (first 32 bytes):\n 80 8b cf 41 9f 9d ff ff b8 97 e0 89 ff ff ff ff ...A............\n d0 97 e0 89 ff ff ff ff 19 00 00 00 1f 88 23 00 ..............#.\n backtrace (crc 838fb36):\n __kmalloc_cache_noprof+0x284/0x320\n padata_alloc_pd+0x20/0x1e0\n padata_alloc_shell+0x3b/0xa0\n 0xffffffffc040a54d\n cryptomgr_probe+0x43/0xc0\n kthread+0xf6/0x1f0\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38031",
"url": "https://www.suse.com/security/cve/CVE-2025-38031"
},
{
"category": "external",
"summary": "SUSE Bug 1245046 for CVE-2025-38031",
"url": "https://bugzilla.suse.com/1245046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38031"
},
{
"cve": "CVE-2025-38034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref\n\nbtrfs_prelim_ref() calls the old and new reference variables in the\nincorrect order. This causes a NULL pointer dereference because oldref\nis passed as NULL to trace_btrfs_prelim_ref_insert().\n\nNote, trace_btrfs_prelim_ref_insert() is being called with newref as\noldref (and oldref as NULL) on purpose in order to print out\nthe values of newref.\n\nTo reproduce:\necho 1 \u003e /sys/kernel/debug/tracing/events/btrfs/btrfs_prelim_ref_insert/enable\n\nPerform some writeback operations.\n\nBacktrace:\nBUG: kernel NULL pointer dereference, address: 0000000000000018\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 115949067 P4D 115949067 PUD 11594a067 PMD 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 1 UID: 0 PID: 1188 Comm: fsstress Not tainted 6.15.0-rc2-tester+ #47 PREEMPT(voluntary) 7ca2cef72d5e9c600f0c7718adb6462de8149622\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-2-gc13ff2cd-prebuilt.qemu.org 04/01/2014\n RIP: 0010:trace_event_raw_event_btrfs__prelim_ref+0x72/0x130\n Code: e8 43 81 9f ff 48 85 c0 74 78 4d 85 e4 0f 84 8f 00 00 00 49 8b 94 24 c0 06 00 00 48 8b 0a 48 89 48 08 48 8b 52 08 48 89 50 10 \u003c49\u003e 8b 55 18 48 89 50 18 49 8b 55 20 48 89 50 20 41 0f b6 55 28 88\n RSP: 0018:ffffce44820077a0 EFLAGS: 00010286\n RAX: ffff8c6b403f9014 RBX: ffff8c6b55825730 RCX: 304994edf9cf506b\n RDX: d8b11eb7f0fdb699 RSI: ffff8c6b403f9010 RDI: ffff8c6b403f9010\n RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000010\n R10: 00000000ffffffff R11: 0000000000000000 R12: ffff8c6b4e8fb000\n R13: 0000000000000000 R14: ffffce44820077a8 R15: ffff8c6b4abd1540\n FS: 00007f4dc6813740(0000) GS:ffff8c6c1d378000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000018 CR3: 000000010eb42000 CR4: 0000000000750ef0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n prelim_ref_insert+0x1c1/0x270\n find_parent_nodes+0x12a6/0x1ee0\n ? __entry_text_end+0x101f06/0x101f09\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n btrfs_is_data_extent_shared+0x167/0x640\n ? fiemap_process_hole+0xd0/0x2c0\n extent_fiemap+0xa5c/0xbc0\n ? __entry_text_end+0x101f05/0x101f09\n btrfs_fiemap+0x7e/0xd0\n do_vfs_ioctl+0x425/0x9d0\n __x64_sys_ioctl+0x75/0xc0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38034",
"url": "https://www.suse.com/security/cve/CVE-2025-38034"
},
{
"category": "external",
"summary": "SUSE Bug 1244792 for CVE-2025-38034",
"url": "https://bugzilla.suse.com/1244792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38034"
},
{
"cve": "CVE-2025-38035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: don\u0027t restore null sk_state_change\n\nqueue-\u003estate_change is set as part of nvmet_tcp_set_queue_sock(), but if\nthe TCP connection isn\u0027t established when nvmet_tcp_set_queue_sock() is\ncalled then queue-\u003estate_change isn\u0027t set and sock-\u003esk-\u003esk_state_change\nisn\u0027t replaced.\n\nAs such we don\u0027t need to restore sock-\u003esk-\u003esk_state_change if\nqueue-\u003estate_change is NULL.\n\nThis avoids NULL pointer dereferences such as this:\n\n[ 286.462026][ C0] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 286.462814][ C0] #PF: supervisor instruction fetch in kernel mode\n[ 286.463796][ C0] #PF: error_code(0x0010) - not-present page\n[ 286.464392][ C0] PGD 8000000140620067 P4D 8000000140620067 PUD 114201067 PMD 0\n[ 286.465086][ C0] Oops: Oops: 0010 [#1] SMP KASAN PTI\n[ 286.465559][ C0] CPU: 0 UID: 0 PID: 1628 Comm: nvme Not tainted 6.15.0-rc2+ #11 PREEMPT(voluntary)\n[ 286.466393][ C0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 286.467147][ C0] RIP: 0010:0x0\n[ 286.467420][ C0] Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n[ 286.467977][ C0] RSP: 0018:ffff8883ae008580 EFLAGS: 00010246\n[ 286.468425][ C0] RAX: 0000000000000000 RBX: ffff88813fd34100 RCX: ffffffffa386cc43\n[ 286.469019][ C0] RDX: 1ffff11027fa68b6 RSI: 0000000000000008 RDI: ffff88813fd34100\n[ 286.469545][ C0] RBP: ffff88813fd34160 R08: 0000000000000000 R09: ffffed1027fa682c\n[ 286.470072][ C0] R10: ffff88813fd34167 R11: 0000000000000000 R12: ffff88813fd344c3\n[ 286.470585][ C0] R13: ffff88813fd34112 R14: ffff88813fd34aec R15: ffff888132cdd268\n[ 286.471070][ C0] FS: 00007fe3c04c7d80(0000) GS:ffff88840743f000(0000) knlGS:0000000000000000\n[ 286.471644][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 286.472543][ C0] CR2: ffffffffffffffd6 CR3: 000000012daca000 CR4: 00000000000006f0\n[ 286.473500][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 286.474467][ C0] DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400\n[ 286.475453][ C0] Call Trace:\n[ 286.476102][ C0] \u003cIRQ\u003e\n[ 286.476719][ C0] tcp_fin+0x2bb/0x440\n[ 286.477429][ C0] tcp_data_queue+0x190f/0x4e60\n[ 286.478174][ C0] ? __build_skb_around+0x234/0x330\n[ 286.478940][ C0] ? rcu_is_watching+0x11/0xb0\n[ 286.479659][ C0] ? __pfx_tcp_data_queue+0x10/0x10\n[ 286.480431][ C0] ? tcp_try_undo_loss+0x640/0x6c0\n[ 286.481196][ C0] ? seqcount_lockdep_reader_access.constprop.0+0x82/0x90\n[ 286.482046][ C0] ? kvm_clock_get_cycles+0x14/0x30\n[ 286.482769][ C0] ? ktime_get+0x66/0x150\n[ 286.483433][ C0] ? rcu_is_watching+0x11/0xb0\n[ 286.484146][ C0] tcp_rcv_established+0x6e4/0x2050\n[ 286.484857][ C0] ? rcu_is_watching+0x11/0xb0\n[ 286.485523][ C0] ? ipv4_dst_check+0x160/0x2b0\n[ 286.486203][ C0] ? __pfx_tcp_rcv_established+0x10/0x10\n[ 286.486917][ C0] ? lock_release+0x217/0x2c0\n[ 286.487595][ C0] tcp_v4_do_rcv+0x4d6/0x9b0\n[ 286.488279][ C0] tcp_v4_rcv+0x2af8/0x3e30\n[ 286.488904][ C0] ? raw_local_deliver+0x51b/0xad0\n[ 286.489551][ C0] ? rcu_is_watching+0x11/0xb0\n[ 286.490198][ C0] ? __pfx_tcp_v4_rcv+0x10/0x10\n[ 286.490813][ C0] ? __pfx_raw_local_deliver+0x10/0x10\n[ 286.491487][ C0] ? __pfx_nf_confirm+0x10/0x10 [nf_conntrack]\n[ 286.492275][ C0] ? rcu_is_watching+0x11/0xb0\n[ 286.492900][ C0] ip_protocol_deliver_rcu+0x8f/0x370\n[ 286.493579][ C0] ip_local_deliver_finish+0x297/0x420\n[ 286.494268][ C0] ip_local_deliver+0x168/0x430\n[ 286.494867][ C0] ? __pfx_ip_local_deliver+0x10/0x10\n[ 286.495498][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10\n[ 286.496204][ C0] ? ip_rcv_finish_core+0x19a/0x1f20\n[ 286.496806][ C0] ? lock_release+0x217/0x2c0\n[ 286.497414][ C0] ip_rcv+0x455/0x6e0\n[ 286.497945][ C0] ? __pfx_ip_rcv+0x10/0x10\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38035",
"url": "https://www.suse.com/security/cve/CVE-2025-38035"
},
{
"category": "external",
"summary": "SUSE Bug 1244801 for CVE-2025-38035",
"url": "https://bugzilla.suse.com/1244801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38035"
},
{
"cve": "CVE-2025-38040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mctrl_gpio: split disable_ms into sync and no_sync APIs\n\nThe following splat has been observed on a SAMA5D27 platform using\natmel_serial:\n\nBUG: sleeping function called from invalid context at kernel/irq/manage.c:738\nin_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 27, name: kworker/u5:0\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nirq event stamp: 0\nhardirqs last enabled at (0): [\u003c00000000\u003e] 0x0\nhardirqs last disabled at (0): [\u003cc01588f0\u003e] copy_process+0x1c4c/0x7bec\nsoftirqs last enabled at (0): [\u003cc0158944\u003e] copy_process+0x1ca0/0x7bec\nsoftirqs last disabled at (0): [\u003c00000000\u003e] 0x0\nCPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74\nHardware name: Atmel SAMA5\nWorkqueue: hci0 hci_power_on [bluetooth]\nCall trace:\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x44/0x70\n dump_stack_lvl from __might_resched+0x38c/0x598\n __might_resched from disable_irq+0x1c/0x48\n disable_irq from mctrl_gpio_disable_ms+0x74/0xc0\n mctrl_gpio_disable_ms from atmel_disable_ms.part.0+0x80/0x1f4\n atmel_disable_ms.part.0 from atmel_set_termios+0x764/0x11e8\n atmel_set_termios from uart_change_line_settings+0x15c/0x994\n uart_change_line_settings from uart_set_termios+0x2b0/0x668\n uart_set_termios from tty_set_termios+0x600/0x8ec\n tty_set_termios from ttyport_set_flow_control+0x188/0x1e0\n ttyport_set_flow_control from wilc_setup+0xd0/0x524 [hci_wilc]\n wilc_setup [hci_wilc] from hci_dev_open_sync+0x330/0x203c [bluetooth]\n hci_dev_open_sync [bluetooth] from hci_dev_do_open+0x40/0xb0 [bluetooth]\n hci_dev_do_open [bluetooth] from hci_power_on+0x12c/0x664 [bluetooth]\n hci_power_on [bluetooth] from process_one_work+0x998/0x1a38\n process_one_work from worker_thread+0x6e0/0xfb4\n worker_thread from kthread+0x3d4/0x484\n kthread from ret_from_fork+0x14/0x28\n\nThis warning is emitted when trying to toggle, at the highest level,\nsome flow control (with serdev_device_set_flow_control) in a device\ndriver. At the lowest level, the atmel_serial driver is using\nserial_mctrl_gpio lib to enable/disable the corresponding IRQs\naccordingly. The warning emitted by CONFIG_DEBUG_ATOMIC_SLEEP is due to\ndisable_irq (called in mctrl_gpio_disable_ms) being possibly called in\nsome atomic context (some tty drivers perform modem lines configuration\nin regions protected by port lock).\n\nSplit mctrl_gpio_disable_ms into two differents APIs, a non-blocking one\nand a blocking one. Replace mctrl_gpio_disable_ms calls with the\nrelevant version depending on whether the call is protected by some port\nlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38040",
"url": "https://www.suse.com/security/cve/CVE-2025-38040"
},
{
"category": "external",
"summary": "SUSE Bug 1245078 for CVE-2025-38040",
"url": "https://bugzilla.suse.com/1245078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38040"
},
{
"cve": "CVE-2025-38043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Set dma_mask for ffa devices\n\nSet dma_mask for FFA devices, otherwise DMA allocation using the device pointer\nlead to following warning:\n\nWARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dma_alloc_attrs+0xe0/0x124",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38043",
"url": "https://www.suse.com/security/cve/CVE-2025-38043"
},
{
"category": "external",
"summary": "SUSE Bug 1245081 for CVE-2025-38043",
"url": "https://bugzilla.suse.com/1245081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38043"
},
{
"cve": "CVE-2025-38044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx231xx: set device_caps for 417\n\nThe video_device for the MPEG encoder did not set device_caps.\n\nAdd this, otherwise the video device can\u0027t be registered (you get a\nWARN_ON instead).\n\nNot seen before since currently 417 support is disabled, but I found\nthis while experimenting with it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38044",
"url": "https://www.suse.com/security/cve/CVE-2025-38044"
},
{
"category": "external",
"summary": "SUSE Bug 1245082 for CVE-2025-38044",
"url": "https://bugzilla.suse.com/1245082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38044"
},
{
"cve": "CVE-2025-38045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix debug actions order\n\nThe order of actions taken for debug was implemented incorrectly.\nNow we implemented the dump split and do the FW reset only in the\nmiddle of the dump (rather than the FW killing itself on error.)\nAs a result, some of the actions taken when applying the config\nwill now crash the device, so we need to fix the order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38045",
"url": "https://www.suse.com/security/cve/CVE-2025-38045"
},
{
"category": "external",
"summary": "SUSE Bug 1245083 for CVE-2025-38045",
"url": "https://bugzilla.suse.com/1245083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38045"
},
{
"cve": "CVE-2025-38051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Fix use-after-free in cifs_fill_dirent\n\nThere is a race condition in the readdir concurrency process, which may\naccess the rsp buffer after it has been released, triggering the\nfollowing KASAN warning.\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in cifs_fill_dirent+0xb03/0xb60 [cifs]\n Read of size 4 at addr ffff8880099b819c by task a.out/342975\n\n CPU: 2 UID: 0 PID: 342975 Comm: a.out Not tainted 6.15.0-rc6+ #240 PREEMPT(full)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x53/0x70\n print_report+0xce/0x640\n kasan_report+0xb8/0xf0\n cifs_fill_dirent+0xb03/0xb60 [cifs]\n cifs_readdir+0x12cb/0x3190 [cifs]\n iterate_dir+0x1a1/0x520\n __x64_sys_getdents+0x134/0x220\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f996f64b9f9\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89\n f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01\n f0 ff ff 0d f7 c3 0c 00 f7 d8 64 89 8\n RSP: 002b:00007f996f53de78 EFLAGS: 00000207 ORIG_RAX: 000000000000004e\n RAX: ffffffffffffffda RBX: 00007f996f53ecdc RCX: 00007f996f64b9f9\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\n RBP: 00007f996f53dea0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000207 R12: ffffffffffffff88\n R13: 0000000000000000 R14: 00007ffc8cd9a500 R15: 00007f996f51e000\n \u003c/TASK\u003e\n\n Allocated by task 408:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n __kasan_slab_alloc+0x6e/0x70\n kmem_cache_alloc_noprof+0x117/0x3d0\n mempool_alloc_noprof+0xf2/0x2c0\n cifs_buf_get+0x36/0x80 [cifs]\n allocate_buffers+0x1d2/0x330 [cifs]\n cifs_demultiplex_thread+0x22b/0x2690 [cifs]\n kthread+0x394/0x720\n ret_from_fork+0x34/0x70\n ret_from_fork_asm+0x1a/0x30\n\n Freed by task 342979:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x37/0x50\n kmem_cache_free+0x2b8/0x500\n cifs_buf_release+0x3c/0x70 [cifs]\n cifs_readdir+0x1c97/0x3190 [cifs]\n iterate_dir+0x1a1/0x520\n __x64_sys_getdents64+0x134/0x220\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n The buggy address belongs to the object at ffff8880099b8000\n which belongs to the cache cifs_request of size 16588\n The buggy address is located 412 bytes inside of\n freed 16588-byte region [ffff8880099b8000, ffff8880099bc0cc)\n\n The buggy address belongs to the physical page:\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x99b8\n head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n anon flags: 0x80000000000040(head|node=0|zone=1)\n page_type: f5(slab)\n raw: 0080000000000040 ffff888001e03400 0000000000000000 dead000000000001\n raw: 0000000000000000 0000000000010001 00000000f5000000 0000000000000000\n head: 0080000000000040 ffff888001e03400 0000000000000000 dead000000000001\n head: 0000000000000000 0000000000010001 00000000f5000000 0000000000000000\n head: 0080000000000003 ffffea0000266e01 00000000ffffffff 00000000ffffffff\n head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff8880099b8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8880099b8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n \u003effff8880099b8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff8880099b8200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8880099b8280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ==================================================================\n\nPOC is available in the link [1].\n\nThe problem triggering process is as follows:\n\nProcess 1 Process 2\n-----------------------------------\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38051",
"url": "https://www.suse.com/security/cve/CVE-2025-38051"
},
{
"category": "external",
"summary": "SUSE Bug 1244750 for CVE-2025-38051",
"url": "https://bugzilla.suse.com/1244750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38051"
},
{
"cve": "CVE-2025-38052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done\n\nSyzbot reported a slab-use-after-free with the following call trace:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in tipc_aead_encrypt_done+0x4bd/0x510 net/tipc/crypto.c:840\n Read of size 8 at addr ffff88807a733000 by task kworker/1:0/25\n\n Call Trace:\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n tipc_aead_encrypt_done+0x4bd/0x510 net/tipc/crypto.c:840\n crypto_request_complete include/crypto/algapi.h:266\n aead_request_complete include/crypto/internal/aead.h:85\n cryptd_aead_crypt+0x3b8/0x750 crypto/cryptd.c:772\n crypto_request_complete include/crypto/algapi.h:266\n cryptd_queue_worker+0x131/0x200 crypto/cryptd.c:181\n process_one_work+0x9fb/0x1b60 kernel/workqueue.c:3231\n\n Allocated by task 8355:\n kzalloc_noprof include/linux/slab.h:778\n tipc_crypto_start+0xcc/0x9e0 net/tipc/crypto.c:1466\n tipc_init_net+0x2dd/0x430 net/tipc/core.c:72\n ops_init+0xb9/0x650 net/core/net_namespace.c:139\n setup_net+0x435/0xb40 net/core/net_namespace.c:343\n copy_net_ns+0x2f0/0x670 net/core/net_namespace.c:508\n create_new_namespaces+0x3ea/0xb10 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0xc0/0x1f0 kernel/nsproxy.c:228\n ksys_unshare+0x419/0x970 kernel/fork.c:3323\n __do_sys_unshare kernel/fork.c:3394\n\n Freed by task 63:\n kfree+0x12a/0x3b0 mm/slub.c:4557\n tipc_crypto_stop+0x23c/0x500 net/tipc/crypto.c:1539\n tipc_exit_net+0x8c/0x110 net/tipc/core.c:119\n ops_exit_list+0xb0/0x180 net/core/net_namespace.c:173\n cleanup_net+0x5b7/0xbf0 net/core/net_namespace.c:640\n process_one_work+0x9fb/0x1b60 kernel/workqueue.c:3231\n\nAfter freed the tipc_crypto tx by delete namespace, tipc_aead_encrypt_done\nmay still visit it in cryptd_queue_worker workqueue.\n\nI reproduce this issue by:\n ip netns add ns1\n ip link add veth1 type veth peer name veth2\n ip link set veth1 netns ns1\n ip netns exec ns1 tipc bearer enable media eth dev veth1\n ip netns exec ns1 tipc node set key this_is_a_master_key master\n ip netns exec ns1 tipc bearer disable media eth dev veth1\n ip netns del ns1\n\nThe key of reproduction is that, simd_aead_encrypt is interrupted, leading\nto crypto_simd_usable() return false. Thus, the cryptd_queue_worker is\ntriggered, and the tipc_crypto tx will be visited.\n\n tipc_disc_timeout\n tipc_bearer_xmit_skb\n tipc_crypto_xmit\n tipc_aead_encrypt\n crypto_aead_encrypt\n // encrypt()\n simd_aead_encrypt\n // crypto_simd_usable() is false\n child = \u0026ctx-\u003ecryptd_tfm-\u003ebase;\n\n simd_aead_encrypt\n crypto_aead_encrypt\n // encrypt()\n cryptd_aead_encrypt_enqueue\n cryptd_aead_enqueue\n cryptd_enqueue_request\n // trigger cryptd_queue_worker\n queue_work_on(smp_processor_id(), cryptd_wq, \u0026cpu_queue-\u003ework)\n\nFix this by holding net reference count before encrypt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38052",
"url": "https://www.suse.com/security/cve/CVE-2025-38052"
},
{
"category": "external",
"summary": "SUSE Bug 1244749 for CVE-2025-38052",
"url": "https://bugzilla.suse.com/1244749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38052"
},
{
"cve": "CVE-2025-38053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix null-ptr-deref in idpf_features_check\n\nidpf_features_check is used to validate the TX packet. skb header\nlength is compared with the hardware supported value received from\nthe device control plane. The value is stored in the adapter structure\nand to access it, vport pointer is used. During reset all the vports\nare released and the vport pointer that the netdev private structure\npoints to is NULL.\n\nTo avoid null-ptr-deref, store the max header length value in netdev\nprivate structure. This also helps to cache the value and avoid\naccessing adapter pointer in hot path.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000068\n...\nRIP: 0010:idpf_features_check+0x6d/0xe0 [idpf]\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x154/0x520\n ? exc_page_fault+0x76/0x190\n ? asm_exc_page_fault+0x26/0x30\n ? idpf_features_check+0x6d/0xe0 [idpf]\n netif_skb_features+0x88/0x310\n validate_xmit_skb+0x2a/0x2b0\n validate_xmit_skb_list+0x4c/0x70\n sch_direct_xmit+0x19d/0x3a0\n __dev_queue_xmit+0xb74/0xe70\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38053",
"url": "https://www.suse.com/security/cve/CVE-2025-38053"
},
{
"category": "external",
"summary": "SUSE Bug 1244746 for CVE-2025-38053",
"url": "https://bugzilla.suse.com/1244746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38053"
},
{
"cve": "CVE-2025-38057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nespintcp: fix skb leaks\n\nA few error paths are missing a kfree_skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38057",
"url": "https://www.suse.com/security/cve/CVE-2025-38057"
},
{
"category": "external",
"summary": "SUSE Bug 1244862 for CVE-2025-38057",
"url": "https://bugzilla.suse.com/1244862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38057"
},
{
"cve": "CVE-2025-38058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n__legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock\n\n... or we risk stealing final mntput from sync umount - raising mnt_count\nafter umount(2) has verified that victim is not busy, but before it\nhas set MNT_SYNC_UMOUNT; in that case __legitimize_mnt() doesn\u0027t see\nthat it\u0027s safe to quietly undo mnt_count increment and leaves dropping\nthe reference to caller, where it\u0027ll be a full-blown mntput().\n\nCheck under mount_lock is needed; leaving the current one done before\ntaking that makes no sense - it\u0027s nowhere near common enough to bother\nwith.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38058",
"url": "https://www.suse.com/security/cve/CVE-2025-38058"
},
{
"category": "external",
"summary": "SUSE Bug 1245151 for CVE-2025-38058",
"url": "https://bugzilla.suse.com/1245151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-38058"
},
{
"cve": "CVE-2025-38059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: avoid NULL pointer dereference if no valid csum tree\n\n[BUG]\nWhen trying read-only scrub on a btrfs with rescue=idatacsums mount\noption, it will crash with the following call trace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000208\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n CPU: 1 UID: 0 PID: 835 Comm: btrfs Tainted: G O 6.15.0-rc3-custom+ #236 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022\n RIP: 0010:btrfs_lookup_csums_bitmap+0x49/0x480 [btrfs]\n Call Trace:\n \u003cTASK\u003e\n scrub_find_fill_first_stripe+0x35b/0x3d0 [btrfs]\n scrub_simple_mirror+0x175/0x290 [btrfs]\n scrub_stripe+0x5f7/0x6f0 [btrfs]\n scrub_chunk+0x9a/0x150 [btrfs]\n scrub_enumerate_chunks+0x333/0x660 [btrfs]\n btrfs_scrub_dev+0x23e/0x600 [btrfs]\n btrfs_ioctl+0x1dcf/0x2f80 [btrfs]\n __x64_sys_ioctl+0x97/0xc0\n do_syscall_64+0x4f/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[CAUSE]\nMount option \"rescue=idatacsums\" will completely skip loading the csum\ntree, so that any data read will not find any data csum thus we will\nignore data checksum verification.\n\nNormally call sites utilizing csum tree will check the fs state flag\nNO_DATA_CSUMS bit, but unfortunately scrub does not check that bit at all.\n\nThis results in scrub to call btrfs_search_slot() on a NULL pointer\nand triggered above crash.\n\n[FIX]\nCheck both extent and csum tree root before doing any tree search.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38059",
"url": "https://www.suse.com/security/cve/CVE-2025-38059"
},
{
"category": "external",
"summary": "SUSE Bug 1244759 for CVE-2025-38059",
"url": "https://bugzilla.suse.com/1244759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38059"
},
{
"cve": "CVE-2025-38060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: copy_verifier_state() should copy \u0027loop_entry\u0027 field\n\nThe bpf_verifier_state.loop_entry state should be copied by\ncopy_verifier_state(). Otherwise, .loop_entry values from unrelated\nstates would poison env-\u003ecur_state.\n\nAdditionally, env-\u003estack should not contain any states with\n.loop_entry != NULL. The states in env-\u003estack are yet to be verified,\nwhile .loop_entry is set for states that reached an equivalent state.\nThis means that env-\u003ecur_state-\u003eloop_entry should always be NULL after\npop_stack().\n\nSee the selftest in the next commit for an example of the program that\nis not safe yet is accepted by verifier w/o this fix.\n\nThis change has some verification performance impact for selftests:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n---------------------------------- ---------------------------- --------- --------- -------------- ---------- ---------- -------------\narena_htab.bpf.o arena_htab_llvm 717 426 -291 (-40.59%) 57 37 -20 (-35.09%)\narena_htab_asm.bpf.o arena_htab_asm 597 445 -152 (-25.46%) 47 37 -10 (-21.28%)\narena_list.bpf.o arena_list_del 309 279 -30 (-9.71%) 23 14 -9 (-39.13%)\niters.bpf.o iter_subprog_check_stacksafe 155 141 -14 (-9.03%) 15 14 -1 (-6.67%)\niters.bpf.o iter_subprog_iters 1094 1003 -91 (-8.32%) 88 83 -5 (-5.68%)\niters.bpf.o loop_state_deps2 479 725 +246 (+51.36%) 46 63 +17 (+36.96%)\nkmem_cache_iter.bpf.o open_coded_iter 63 59 -4 (-6.35%) 7 6 -1 (-14.29%)\nverifier_bits_iter.bpf.o max_words 92 84 -8 (-8.70%) 8 7 -1 (-12.50%)\nverifier_iterating_callbacks.bpf.o cond_break2 113 107 -6 (-5.31%) 12 12 +0 (+0.00%)\n\nAnd significant negative impact for sched_ext:\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n----------------- ---------------------- --------- --------- -------------------- ---------- ---------- ------------------\nbpf.bpf.o lavd_init 7039 14723 +7684 (+109.16%) 490 1139 +649 (+132.45%)\nbpf.bpf.o layered_dispatch 11485 10548 -937 (-8.16%) 848 762 -86 (-10.14%)\nbpf.bpf.o layered_dump 7422 1000001 +992579 (+13373.47%) 681 31178 +30497 (+4478.27%)\nbpf.bpf.o layered_enqueue 16854 71127 +54273 (+322.02%) 1611 6450 +4839 (+300.37%)\nbpf.bpf.o p2dq_dispatch 665 791 +126 (+18.95%) 68 78 +10 (+14.71%)\nbpf.bpf.o p2dq_init 2343 2980 +637 (+27.19%) 201 237 +36 (+17.91%)\nbpf.bpf.o refresh_layer_cpumasks 16487 674760 +658273 (+3992.68%) 1770 65370 +63600 (+3593.22%)\nbpf.bpf.o rusty_select_cpu 1937 40872 +38935 (+2010.07%) 177 3210 +3033 (+1713.56%)\nscx_central.bpf.o central_dispatch 636 2687 +2051 (+322.48%) 63 227 +164 (+260.32%)\nscx_nest.bpf.o nest_init 636 815 +179 (+28.14%) 60 73 +13 (+21.67%)\nscx_qmap.bpf.o qmap_dispatch \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38060",
"url": "https://www.suse.com/security/cve/CVE-2025-38060"
},
{
"category": "external",
"summary": "SUSE Bug 1245155 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245155"
},
{
"category": "external",
"summary": "SUSE Bug 1245156 for CVE-2025-38060",
"url": "https://bugzilla.suse.com/1245156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38060"
},
{
"cve": "CVE-2025-38061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: pktgen: fix access outside of user given buffer in pktgen_thread_write()\n\nHonour the user given buffer size for the strn_len() calls (otherwise\nstrn_len() will access memory outside of the user given buffer).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38061",
"url": "https://www.suse.com/security/cve/CVE-2025-38061"
},
{
"category": "external",
"summary": "SUSE Bug 1245440 for CVE-2025-38061",
"url": "https://bugzilla.suse.com/1245440"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38061"
},
{
"cve": "CVE-2025-38062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie\n\nThe IOMMU translation for MSI message addresses has been a 2-step process,\nseparated in time:\n\n 1) iommu_dma_prepare_msi(): A cookie pointer containing the IOVA address\n is stored in the MSI descriptor when an MSI interrupt is allocated.\n\n 2) iommu_dma_compose_msi_msg(): this cookie pointer is used to compute a\n translated message address.\n\nThis has an inherent lifetime problem for the pointer stored in the cookie\nthat must remain valid between the two steps. However, there is no locking\nat the irq layer that helps protect the lifetime. Today, this works under\nthe assumption that the iommu domain is not changed while MSI interrupts\nbeing programmed. This is true for normal DMA API users within the kernel,\nas the iommu domain is attached before the driver is probed and cannot be\nchanged while a driver is attached.\n\nClassic VFIO type1 also prevented changing the iommu domain while VFIO was\nrunning as it does not support changing the \"container\" after starting up.\n\nHowever, iommufd has improved this so that the iommu domain can be changed\nduring VFIO operation. This potentially allows userspace to directly race\nVFIO_DEVICE_ATTACH_IOMMUFD_PT (which calls iommu_attach_group()) and\nVFIO_DEVICE_SET_IRQS (which calls into iommu_dma_compose_msi_msg()).\n\nThis potentially causes both the cookie pointer and the unlocked call to\niommu_get_domain_for_dev() on the MSI translation path to become UAFs.\n\nFix the MSI cookie UAF by removing the cookie pointer. The translated IOVA\naddress is already known during iommu_dma_prepare_msi() and cannot change.\nThus, it can simply be stored as an integer in the MSI descriptor.\n\nThe other UAF related to iommu_get_domain_for_dev() will be addressed in\npatch \"iommu: Make iommu_dma_prepare_msi() into a generic operation\" by\nusing the IOMMU group mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38062",
"url": "https://www.suse.com/security/cve/CVE-2025-38062"
},
{
"category": "external",
"summary": "SUSE Bug 1245216 for CVE-2025-38062",
"url": "https://bugzilla.suse.com/1245216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38062"
},
{
"cve": "CVE-2025-38063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix unconditional IO throttle caused by REQ_PREFLUSH\n\nWhen a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush()\ngenerates a flush_bio with REQ_OP_WRITE | REQ_PREFLUSH | REQ_SYNC,\nwhich causes the flush_bio to be throttled by wbt_wait().\n\nAn example from v5.4, similar problem also exists in upstream:\n\n crash\u003e bt 2091206\n PID: 2091206 TASK: ffff2050df92a300 CPU: 109 COMMAND: \"kworker/u260:0\"\n #0 [ffff800084a2f7f0] __switch_to at ffff80004008aeb8\n #1 [ffff800084a2f820] __schedule at ffff800040bfa0c4\n #2 [ffff800084a2f880] schedule at ffff800040bfa4b4\n #3 [ffff800084a2f8a0] io_schedule at ffff800040bfa9c4\n #4 [ffff800084a2f8c0] rq_qos_wait at ffff8000405925bc\n #5 [ffff800084a2f940] wbt_wait at ffff8000405bb3a0\n #6 [ffff800084a2f9a0] __rq_qos_throttle at ffff800040592254\n #7 [ffff800084a2f9c0] blk_mq_make_request at ffff80004057cf38\n #8 [ffff800084a2fa60] generic_make_request at ffff800040570138\n #9 [ffff800084a2fae0] submit_bio at ffff8000405703b4\n #10 [ffff800084a2fb50] xlog_write_iclog at ffff800001280834 [xfs]\n #11 [ffff800084a2fbb0] xlog_sync at ffff800001280c3c [xfs]\n #12 [ffff800084a2fbf0] xlog_state_release_iclog at ffff800001280df4 [xfs]\n #13 [ffff800084a2fc10] xlog_write at ffff80000128203c [xfs]\n #14 [ffff800084a2fcd0] xlog_cil_push at ffff8000012846dc [xfs]\n #15 [ffff800084a2fda0] xlog_cil_push_work at ffff800001284a2c [xfs]\n #16 [ffff800084a2fdb0] process_one_work at ffff800040111d08\n #17 [ffff800084a2fe00] worker_thread at ffff8000401121cc\n #18 [ffff800084a2fe70] kthread at ffff800040118de4\n\nAfter commit 2def2845cc33 (\"xfs: don\u0027t allow log IO to be throttled\"),\nthe metadata submitted by xlog_write_iclog() should not be throttled.\nBut due to the existence of the dm layer, throttling flush_bio indirectly\ncauses the metadata bio to be throttled.\n\nFix this by conditionally adding REQ_IDLE to flush_bio.bi_opf, which makes\nwbt_should_throttle() return false to avoid wbt_wait().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38063",
"url": "https://www.suse.com/security/cve/CVE-2025-38063"
},
{
"category": "external",
"summary": "SUSE Bug 1245202 for CVE-2025-38063",
"url": "https://bugzilla.suse.com/1245202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38063"
},
{
"cve": "CVE-2025-38064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio: break and reset virtio devices on device_shutdown()\n\nHongyu reported a hang on kexec in a VM. QEMU reported invalid memory\naccesses during the hang.\n\n\tInvalid read at addr 0x102877002, size 2, region \u0027(null)\u0027, reason: rejected\n\tInvalid write at addr 0x102877A44, size 2, region \u0027(null)\u0027, reason: rejected\n\t...\n\nIt was traced down to virtio-console. Kexec works fine if virtio-console\nis not in use.\n\nThe issue is that virtio-console continues to write to the MMIO even after\nunderlying virtio-pci device is reset.\n\nAdditionally, Eric noticed that IOMMUs are reset before devices, if\ndevices are not reset on shutdown they continue to poke at guest memory\nand get errors from the IOMMU. Some devices get wedged then.\n\nThe problem can be solved by breaking all virtio devices on virtio\nbus shutdown, then resetting them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38064",
"url": "https://www.suse.com/security/cve/CVE-2025-38064"
},
{
"category": "external",
"summary": "SUSE Bug 1245201 for CVE-2025-38064",
"url": "https://bugzilla.suse.com/1245201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38064"
},
{
"cve": "CVE-2025-38065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: Do not truncate file size\n\n\u0027len\u0027 is used to store the result of i_size_read(), so making \u0027len\u0027\na size_t results in truncation to 4GiB on 32-bit systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38065",
"url": "https://www.suse.com/security/cve/CVE-2025-38065"
},
{
"category": "external",
"summary": "SUSE Bug 1244906 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244906"
},
{
"category": "external",
"summary": "SUSE Bug 1244907 for CVE-2025-38065",
"url": "https://bugzilla.suse.com/1244907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38065"
},
{
"cve": "CVE-2025-38068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38068",
"url": "https://www.suse.com/security/cve/CVE-2025-38068"
},
{
"category": "external",
"summary": "SUSE Bug 1245210 for CVE-2025-38068",
"url": "https://bugzilla.suse.com/1245210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38068"
},
{
"cve": "CVE-2025-38072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibnvdimm/labels: Fix divide error in nd_label_data_init()\n\nIf a faulty CXL memory device returns a broken zero LSA size in its\nmemory device information (Identify Memory Device (Opcode 4000h), CXL\nspec. 3.1, 8.2.9.9.1.1), a divide error occurs in the libnvdimm\ndriver:\n\n Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:nd_label_data_init+0x10e/0x800 [libnvdimm]\n\nCode and flow:\n\n1) CXL Command 4000h returns LSA size = 0\n2) config_size is assigned to zero LSA size (CXL pmem driver):\n\ndrivers/cxl/pmem.c: .config_size = mds-\u003elsa_size,\n\n3) max_xfer is set to zero (nvdimm driver):\n\ndrivers/nvdimm/label.c: max_xfer = min_t(size_t, ndd-\u003ensarea.max_xfer, config_size);\n\n4) A subsequent DIV_ROUND_UP() causes a division by zero:\n\ndrivers/nvdimm/label.c: /* Make our initial read size a multiple of max_xfer size */\ndrivers/nvdimm/label.c: read_size = min(DIV_ROUND_UP(read_size, max_xfer) * max_xfer,\ndrivers/nvdimm/label.c- config_size);\n\nFix this by checking the config size parameter by extending an\nexisting check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38072",
"url": "https://www.suse.com/security/cve/CVE-2025-38072"
},
{
"category": "external",
"summary": "SUSE Bug 1244743 for CVE-2025-38072",
"url": "https://bugzilla.suse.com/1244743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38072"
},
{
"cve": "CVE-2025-38074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: protect vq-\u003elog_used with vq-\u003emutex\n\nThe vhost-scsi completion path may access vq-\u003elog_base when vq-\u003elog_used is\nalready set to false.\n\n vhost-thread QEMU-thread\n\nvhost_scsi_complete_cmd_work()\n-\u003e vhost_add_used()\n -\u003e vhost_add_used_n()\n if (unlikely(vq-\u003elog_used))\n QEMU disables vq-\u003elog_used\n via VHOST_SET_VRING_ADDR.\n mutex_lock(\u0026vq-\u003emutex);\n vq-\u003elog_used = false now!\n mutex_unlock(\u0026vq-\u003emutex);\n\n\t\t\t\t QEMU gfree(vq-\u003elog_base)\n log_used()\n -\u003e log_write(vq-\u003elog_base)\n\nAssuming the VMM is QEMU. The vq-\u003elog_base is from QEMU userpace and can be\nreclaimed via gfree(). As a result, this causes invalid memory writes to\nQEMU userspace.\n\nThe control queue path has the same issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38074",
"url": "https://www.suse.com/security/cve/CVE-2025-38074"
},
{
"category": "external",
"summary": "SUSE Bug 1244735 for CVE-2025-38074",
"url": "https://bugzilla.suse.com/1244735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38074"
},
{
"cve": "CVE-2025-38077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()\n\nIf the \u0027buf\u0027 array received from the user contains an empty string, the\n\u0027length\u0027 variable will be zero. Accessing the \u0027buf\u0027 array element with\nindex \u0027length - 1\u0027 will result in a buffer overflow.\n\nAdd a check for an empty string.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38077",
"url": "https://www.suse.com/security/cve/CVE-2025-38077"
},
{
"category": "external",
"summary": "SUSE Bug 1244736 for CVE-2025-38077",
"url": "https://bugzilla.suse.com/1244736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38077"
},
{
"cve": "CVE-2025-38078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: Fix race of buffer access at PCM OSS layer\n\nThe PCM OSS layer tries to clear the buffer with the silence data at\ninitialization (or reconfiguration) of a stream with the explicit call\nof snd_pcm_format_set_silence() with runtime-\u003edma_area. But this may\nlead to a UAF because the accessed runtime-\u003edma_area might be freed\nconcurrently, as it\u0027s performed outside the PCM ops.\n\nFor avoiding it, move the code into the PCM core and perform it inside\nthe buffer access lock, so that it won\u0027t be changed during the\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38078",
"url": "https://www.suse.com/security/cve/CVE-2025-38078"
},
{
"category": "external",
"summary": "SUSE Bug 1244737 for CVE-2025-38078",
"url": "https://bugzilla.suse.com/1244737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38078"
},
{
"cve": "CVE-2025-38079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38079",
"url": "https://www.suse.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "SUSE Bug 1245217 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "external",
"summary": "SUSE Bug 1245218 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase block_sequence array size\n\n[Why]\nIt\u0027s possible to generate more than 50 steps in hwss_build_fast_sequence,\nfor example with a 6-pipe asic where all pipes are in one MPC chain. This\noverflows the block_sequence buffer and corrupts block_sequence_steps,\ncausing a crash.\n\n[How]\nExpand block_sequence to 100 items. A naive upper bound on the possible\nnumber of steps for a 6-pipe asic, ignoring the potential for steps to be\nmutually exclusive, is 91 with current code, therefore 100 is sufficient.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38080",
"url": "https://www.suse.com/security/cve/CVE-2025-38080"
},
{
"category": "external",
"summary": "SUSE Bug 1244738 for CVE-2025-38080",
"url": "https://bugzilla.suse.com/1244738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38080"
},
{
"cve": "CVE-2025-38081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi-rockchip: Fix register out of bounds access\n\nDo not write native chip select stuff for GPIO chip selects.\nGPIOs can be numbered much higher than native CS.\nAlso, it makes no sense.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38081",
"url": "https://www.suse.com/security/cve/CVE-2025-38081"
},
{
"category": "external",
"summary": "SUSE Bug 1244739 for CVE-2025-38081",
"url": "https://bugzilla.suse.com/1244739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38081"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
},
{
"cve": "CVE-2025-38084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38084"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: unshare page tables during VMA split, not before\n\nCurrently, __split_vma() triggers hugetlb page table unsharing through\nvm_ops-\u003emay_split(). This happens before the VMA lock and rmap locks are\ntaken - which is too early, it allows racing VMA-locked page faults in our\nprocess and racing rmap walks from other processes to cause page tables to\nbe shared again before we actually perform the split.\n\nFix it by explicitly calling into the hugetlb unshare logic from\n__split_vma() in the same place where THP splitting also happens. At that\npoint, both the VMA and the rmap(s) are write-locked.\n\nAn annoying detail is that we can now call into the helper\nhugetlb_unshare_pmds() from two different locking contexts:\n\n1. from hugetlb_split(), holding:\n - mmap lock (exclusively)\n - VMA lock\n - file rmap lock (exclusively)\n2. hugetlb_unshare_all_pmds(), which I think is designed to be able to\n call us with only the mmap lock held (in shared mode), but currently\n only runs while holding mmap lock (exclusively) and VMA lock\n\nBackporting note:\nThis commit fixes a racy protection that was introduced in commit\nb30c14cd6102 (\"hugetlb: unshare some PMDs when splitting VMAs\"); that\ncommit claimed to fix an issue introduced in 5.13, but it should actually\nalso go all the way back.\n\n[jannh@google.com: v2]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38084",
"url": "https://www.suse.com/security/cve/CVE-2025-38084"
},
{
"category": "external",
"summary": "SUSE Bug 1245498 for CVE-2025-38084",
"url": "https://bugzilla.suse.com/1245498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38084"
},
{
"cve": "CVE-2025-38085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race\n\nhuge_pmd_unshare() drops a reference on a page table that may have\npreviously been shared across processes, potentially turning it into a\nnormal page table used in another process in which unrelated VMAs can\nafterwards be installed.\n\nIf this happens in the middle of a concurrent gup_fast(), gup_fast() could\nend up walking the page tables of another process. While I don\u0027t see any\nway in which that immediately leads to kernel memory corruption, it is\nreally weird and unexpected.\n\nFix it with an explicit broadcast IPI through tlb_remove_table_sync_one(),\njust like we do in khugepaged when removing page tables for a THP\ncollapse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38085",
"url": "https://www.suse.com/security/cve/CVE-2025-38085"
},
{
"category": "external",
"summary": "SUSE Bug 1245499 for CVE-2025-38085",
"url": "https://bugzilla.suse.com/1245499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38085"
},
{
"cve": "CVE-2025-38087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38087"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix use-after-free in taprio_dev_notifier\n\nSince taprio\u0027s taprio_dev_notifier() isn\u0027t protected by an\nRCU read-side critical section, a race with advance_sched()\ncan lead to a use-after-free.\n\nAdding rcu_read_lock() inside taprio_dev_notifier() prevents this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38087",
"url": "https://www.suse.com/security/cve/CVE-2025-38087"
},
{
"category": "external",
"summary": "SUSE Bug 1245504 for CVE-2025-38087",
"url": "https://bugzilla.suse.com/1245504"
},
{
"category": "external",
"summary": "SUSE Bug 1245505 for CVE-2025-38087",
"url": "https://bugzilla.suse.com/1245505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38087"
},
{
"cve": "CVE-2025-38088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap\n\nmemtrace mmap issue has an out of bounds issue. This patch fixes the by\nchecking that the requested mapping region size should stay within the\nallocated region size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38088",
"url": "https://www.suse.com/security/cve/CVE-2025-38088"
},
{
"category": "external",
"summary": "SUSE Bug 1245506 for CVE-2025-38088",
"url": "https://bugzilla.suse.com/1245506"
},
{
"category": "external",
"summary": "SUSE Bug 1245507 for CVE-2025-38088",
"url": "https://bugzilla.suse.com/1245507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38088"
},
{
"cve": "CVE-2025-38089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: handle SVC_GARBAGE during svc auth processing as auth error\n\ntianshuo han reported a remotely-triggerable crash if the client sends a\nkernel RPC server a specially crafted packet. If decoding the RPC reply\nfails in such a way that SVC_GARBAGE is returned without setting the\nrq_accept_statp pointer, then that pointer can be dereferenced and a\nvalue stored there.\n\nIf it\u0027s the first time the thread has processed an RPC, then that\npointer will be set to NULL and the kernel will crash. In other cases,\nit could create a memory scribble.\n\nThe server sunrpc code treats a SVC_GARBAGE return from svc_authenticate\nor pg_authenticate as if it should send a GARBAGE_ARGS reply. RFC 5531\nsays that if authentication fails that the RPC should be rejected\ninstead with a status of AUTH_ERR.\n\nHandle a SVC_GARBAGE return as an AUTH_ERROR, with a reason of\nAUTH_BADCRED instead of returning GARBAGE_ARGS in that case. This\nsidesteps the whole problem of touching the rpc_accept_statp pointer in\nthis situation and avoids the crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38089",
"url": "https://www.suse.com/security/cve/CVE-2025-38089"
},
{
"category": "external",
"summary": "SUSE Bug 1245508 for CVE-2025-38089",
"url": "https://bugzilla.suse.com/1245508"
},
{
"category": "external",
"summary": "SUSE Bug 1245509 for CVE-2025-38089",
"url": "https://bugzilla.suse.com/1245509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38089"
},
{
"cve": "CVE-2025-38090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/rapidio/rio_cm.c: prevent possible heap overwrite\n\nIn\n\nriocm_cdev_ioctl(RIO_CM_CHAN_SEND)\n -\u003e cm_chan_msg_send()\n -\u003e riocm_ch_send()\n\ncm_chan_msg_send() checks that userspace didn\u0027t send too much data but\nriocm_ch_send() failed to check that userspace sent sufficient data. The\nresult is that riocm_ch_send() can write to fields in the rio_ch_chan_hdr\nwhich were outside the bounds of the space which cm_chan_msg_send()\nallocated.\n\nAddress this by teaching riocm_ch_send() to check that the entire\nrio_ch_chan_hdr was copied in from userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38090",
"url": "https://www.suse.com/security/cve/CVE-2025-38090"
},
{
"category": "external",
"summary": "SUSE Bug 1245510 for CVE-2025-38090",
"url": "https://bugzilla.suse.com/1245510"
},
{
"category": "external",
"summary": "SUSE Bug 1245511 for CVE-2025-38090",
"url": "https://bugzilla.suse.com/1245511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38090"
},
{
"cve": "CVE-2025-38094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cadence: macb: Fix a possible deadlock in macb_halt_tx.\n\nThere is a situation where after THALT is set high, TGO stays high as\nwell. Because jiffies are never updated, as we are in a context with\ninterrupts disabled, we never exit that loop and have a deadlock.\n\nThat deadlock was noticed on a sama5d4 device that stayed locked for days.\n\nUse retries instead of jiffies so that the timeout really works and we do\nnot have a deadlock anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38094",
"url": "https://www.suse.com/security/cve/CVE-2025-38094"
},
{
"category": "external",
"summary": "SUSE Bug 1245649 for CVE-2025-38094",
"url": "https://bugzilla.suse.com/1245649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38094"
},
{
"cve": "CVE-2025-38095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf: insert memory barrier before updating num_fences\n\nsmp_store_mb() inserts memory barrier after storing operation.\nIt is different with what the comment is originally aiming so Null\npointer dereference can be happened if memory update is reordered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38095",
"url": "https://www.suse.com/security/cve/CVE-2025-38095"
},
{
"category": "external",
"summary": "SUSE Bug 1245658 for CVE-2025-38095",
"url": "https://bugzilla.suse.com/1245658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38095"
},
{
"cve": "CVE-2025-38097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nespintcp: remove encap socket caching to avoid reference leak\n\nThe current scheme for caching the encap socket can lead to reference\nleaks when we try to delete the netns.\n\nThe reference chain is: xfrm_state -\u003e enacp_sk -\u003e netns\n\nSince the encap socket is a userspace socket, it holds a reference on\nthe netns. If we delete the espintcp state (through flush or\nindividual delete) before removing the netns, the reference on the\nsocket is dropped and the netns is correctly deleted. Otherwise, the\nnetns may not be reachable anymore (if all processes within the ns\nhave terminated), so we cannot delete the xfrm state to drop its\nreference on the socket.\n\nThis patch results in a small (~2% in my tests) performance\nregression.\n\nA GC-type mechanism could be added for the socket cache, to clear\nreferences if the state hasn\u0027t been used \"recently\", but it\u0027s a lot\nmore complex than just not caching the socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38097",
"url": "https://www.suse.com/security/cve/CVE-2025-38097"
},
{
"category": "external",
"summary": "SUSE Bug 1245660 for CVE-2025-38097",
"url": "https://bugzilla.suse.com/1245660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38097"
},
{
"cve": "CVE-2025-38098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Don\u0027t treat wb connector as physical in create_validate_stream_for_sink\n\nDon\u0027t try to operate on a drm_wb_connector as an amdgpu_dm_connector.\nWhile dereferencing aconnector-\u003ebase will \"work\" it\u0027s wrong and\nmight lead to unknown bad things. Just... don\u0027t.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38098",
"url": "https://www.suse.com/security/cve/CVE-2025-38098"
},
{
"category": "external",
"summary": "SUSE Bug 1245654 for CVE-2025-38098",
"url": "https://bugzilla.suse.com/1245654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38098"
},
{
"cve": "CVE-2025-38099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken\n\nA SCO connection without the proper voice_setting can cause\nthe controller to lock up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38099",
"url": "https://www.suse.com/security/cve/CVE-2025-38099"
},
{
"category": "external",
"summary": "SUSE Bug 1245671 for CVE-2025-38099",
"url": "https://bugzilla.suse.com/1245671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38099"
},
{
"cve": "CVE-2025-38100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/iopl: Cure TIF_IO_BITMAP inconsistencies\n\nio_bitmap_exit() is invoked from exit_thread() when a task exists or\nwhen a fork fails. In the latter case the exit_thread() cleans up\nresources which were allocated during fork().\n\nio_bitmap_exit() invokes task_update_io_bitmap(), which in turn ends up\nin tss_update_io_bitmap(). tss_update_io_bitmap() operates on the\ncurrent task. If current has TIF_IO_BITMAP set, but no bitmap installed,\ntss_update_io_bitmap() crashes with a NULL pointer dereference.\n\nThere are two issues, which lead to that problem:\n\n 1) io_bitmap_exit() should not invoke task_update_io_bitmap() when\n the task, which is cleaned up, is not the current task. That\u0027s a\n clear indicator for a cleanup after a failed fork().\n\n 2) A task should not have TIF_IO_BITMAP set and neither a bitmap\n installed nor IOPL emulation level 3 activated.\n\n This happens when a kernel thread is created in the context of\n a user space thread, which has TIF_IO_BITMAP set as the thread\n flags are copied and the IO bitmap pointer is cleared.\n\n Other than in the failed fork() case this has no impact because\n kernel threads including IO workers never return to user space and\n therefore never invoke tss_update_io_bitmap().\n\nCure this by adding the missing cleanups and checks:\n\n 1) Prevent io_bitmap_exit() to invoke task_update_io_bitmap() if\n the to be cleaned up task is not the current task.\n\n 2) Clear TIF_IO_BITMAP in copy_thread() unconditionally. For user\n space forks it is set later, when the IO bitmap is inherited in\n io_bitmap_share().\n\nFor paranoia sake, add a warning into tss_update_io_bitmap() to catch\nthe case, when that code is invoked with inconsistent state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38100",
"url": "https://www.suse.com/security/cve/CVE-2025-38100"
},
{
"category": "external",
"summary": "SUSE Bug 1245650 for CVE-2025-38100",
"url": "https://bugzilla.suse.com/1245650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38100"
},
{
"cve": "CVE-2025-38102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify\n\nDuring our test, it is found that a warning can be trigger in try_grab_folio\nas follow:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 1678 at mm/gup.c:147 try_grab_folio+0x106/0x130\n Modules linked in:\n CPU: 0 UID: 0 PID: 1678 Comm: syz.3.31 Not tainted 6.15.0-rc5 #163 PREEMPT(undef)\n RIP: 0010:try_grab_folio+0x106/0x130\n Call Trace:\n \u003cTASK\u003e\n follow_huge_pmd+0x240/0x8e0\n follow_pmd_mask.constprop.0.isra.0+0x40b/0x5c0\n follow_pud_mask.constprop.0.isra.0+0x14a/0x170\n follow_page_mask+0x1c2/0x1f0\n __get_user_pages+0x176/0x950\n __gup_longterm_locked+0x15b/0x1060\n ? gup_fast+0x120/0x1f0\n gup_fast_fallback+0x17e/0x230\n get_user_pages_fast+0x5f/0x80\n vmci_host_unlocked_ioctl+0x21c/0xf80\n RIP: 0033:0x54d2cd\n ---[ end trace 0000000000000000 ]---\n\nDigging into the source, context-\u003enotify_page may init by get_user_pages_fast\nand can be seen in vmci_ctx_unset_notify which will try to put_page. However\nget_user_pages_fast is not finished here and lead to following\ntry_grab_folio warning. The race condition is shown as follow:\n\ncpu0\t\t\tcpu1\nvmci_host_do_set_notify\nvmci_host_setup_notify\nget_user_pages_fast(uva, 1, FOLL_WRITE, \u0026context-\u003enotify_page);\nlockless_pages_from_mm\ngup_pgd_range\ngup_huge_pmd // update \u0026context-\u003enotify_page\n\t\t\tvmci_host_do_set_notify\n\t\t\tvmci_ctx_unset_notify\n\t\t\tnotify_page = context-\u003enotify_page;\n\t\t\tif (notify_page)\n\t\t\tput_page(notify_page);\t// page is freed\n__gup_longterm_locked\n__get_user_pages\nfollow_trans_huge_pmd\ntry_grab_folio // warn here\n\nTo slove this, use local variable page to make notify_page can be seen\nafter finish get_user_pages_fast.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38102",
"url": "https://www.suse.com/security/cve/CVE-2025-38102"
},
{
"category": "external",
"summary": "SUSE Bug 1245669 for CVE-2025-38102",
"url": "https://bugzilla.suse.com/1245669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38102"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38105"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Kill timer properly at removal\n\nThe USB-audio MIDI code initializes the timer, but in a rare case, the\ndriver might be freed without the disconnect call. This leaves the\ntimer in an active state while the assigned object is released via\nsnd_usbmidi_free(), which ends up with a kernel warning when the debug\nconfiguration is enabled, as spotted by fuzzer.\n\nFor avoiding the problem, put timer_shutdown_sync() at\nsnd_usbmidi_free(), so that the timer can be killed properly.\nWhile we\u0027re at it, replace the existing timer_delete_sync() at the\ndisconnect callback with timer_shutdown_sync(), too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38105",
"url": "https://www.suse.com/security/cve/CVE-2025-38105"
},
{
"category": "external",
"summary": "SUSE Bug 1245682 for CVE-2025-38105",
"url": "https://bugzilla.suse.com/1245682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38105"
},
{
"cve": "CVE-2025-38107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38107"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: fix a race in ets_qdisc_change()\n\nGerrard Tai reported a race condition in ETS, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38107",
"url": "https://www.suse.com/security/cve/CVE-2025-38107"
},
{
"category": "external",
"summary": "SUSE Bug 1245676 for CVE-2025-38107",
"url": "https://bugzilla.suse.com/1245676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38107"
},
{
"cve": "CVE-2025-38108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: red: fix a race in __red_change()\n\nGerrard Tai reported a race condition in RED, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38108",
"url": "https://www.suse.com/security/cve/CVE-2025-38108"
},
{
"category": "external",
"summary": "SUSE Bug 1245675 for CVE-2025-38108",
"url": "https://bugzilla.suse.com/1245675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38108"
},
{
"cve": "CVE-2025-38109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix ECVF vports unload on shutdown flow\n\nFix shutdown flow UAF when a virtual function is created on the embedded\nchip (ECVF) of a BlueField device. In such case the vport acl ingress\ntable is not properly destroyed.\n\nECVF functionality is independent of ecpf_vport_exists capability and\nthus functions mlx5_eswitch_(enable|disable)_pf_vf_vports() should not\ntest it when enabling/disabling ECVF vports.\n\nkernel log:\n[] refcount_t: underflow; use-after-free.\n[] WARNING: CPU: 3 PID: 1 at lib/refcount.c:28\n refcount_warn_saturate+0x124/0x220\n----------------\n[] Call trace:\n[] refcount_warn_saturate+0x124/0x220\n[] tree_put_node+0x164/0x1e0 [mlx5_core]\n[] mlx5_destroy_flow_table+0x98/0x2c0 [mlx5_core]\n[] esw_acl_ingress_table_destroy+0x28/0x40 [mlx5_core]\n[] esw_acl_ingress_lgcy_cleanup+0x80/0xf4 [mlx5_core]\n[] esw_legacy_vport_acl_cleanup+0x44/0x60 [mlx5_core]\n[] esw_vport_cleanup+0x64/0x90 [mlx5_core]\n[] mlx5_esw_vport_disable+0xc0/0x1d0 [mlx5_core]\n[] mlx5_eswitch_unload_ec_vf_vports+0xcc/0x150 [mlx5_core]\n[] mlx5_eswitch_disable_sriov+0x198/0x2a0 [mlx5_core]\n[] mlx5_device_disable_sriov+0xb8/0x1e0 [mlx5_core]\n[] mlx5_sriov_detach+0x40/0x50 [mlx5_core]\n[] mlx5_unload+0x40/0xc4 [mlx5_core]\n[] mlx5_unload_one_devl_locked+0x6c/0xe4 [mlx5_core]\n[] mlx5_unload_one+0x3c/0x60 [mlx5_core]\n[] shutdown+0x7c/0xa4 [mlx5_core]\n[] pci_device_shutdown+0x3c/0xa0\n[] device_shutdown+0x170/0x340\n[] __do_sys_reboot+0x1f4/0x2a0\n[] __arm64_sys_reboot+0x2c/0x40\n[] invoke_syscall+0x78/0x100\n[] el0_svc_common.constprop.0+0x54/0x184\n[] do_el0_svc+0x30/0xac\n[] el0_svc+0x48/0x160\n[] el0t_64_sync_handler+0xa4/0x12c\n[] el0t_64_sync+0x1a4/0x1a8\n[] --[ end trace 9c4601d68c70030e ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38109",
"url": "https://www.suse.com/security/cve/CVE-2025-38109"
},
{
"category": "external",
"summary": "SUSE Bug 1245684 for CVE-2025-38109",
"url": "https://bugzilla.suse.com/1245684"
},
{
"category": "external",
"summary": "SUSE Bug 1245685 for CVE-2025-38109",
"url": "https://bugzilla.suse.com/1245685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38109"
},
{
"cve": "CVE-2025-38110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mdiobus: Fix potential out-of-bounds clause 45 read/write access\n\nWhen using publicly available tools like \u0027mdio-tools\u0027 to read/write data\nfrom/to network interface and its PHY via C45 (clause 45) mdiobus,\nthere is no verification of parameters passed to the ioctl and\nit accepts any mdio address.\nCurrently there is support for 32 addresses in kernel via PHY_MAX_ADDR define,\nbut it is possible to pass higher value than that via ioctl.\nWhile read/write operation should generally fail in this case,\nmdiobus provides stats array, where wrong address may allow out-of-bounds\nread/write.\n\nFix that by adding address verification before C45 read/write operation.\nWhile this excludes this access from any statistics, it improves security of\nread/write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38110",
"url": "https://www.suse.com/security/cve/CVE-2025-38110"
},
{
"category": "external",
"summary": "SUSE Bug 1245665 for CVE-2025-38110",
"url": "https://bugzilla.suse.com/1245665"
},
{
"category": "external",
"summary": "SUSE Bug 1249458 for CVE-2025-38110",
"url": "https://bugzilla.suse.com/1249458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38110"
},
{
"cve": "CVE-2025-38111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mdiobus: Fix potential out-of-bounds read/write access\n\nWhen using publicly available tools like \u0027mdio-tools\u0027 to read/write data\nfrom/to network interface and its PHY via mdiobus, there is no verification of\nparameters passed to the ioctl and it accepts any mdio address.\nCurrently there is support for 32 addresses in kernel via PHY_MAX_ADDR define,\nbut it is possible to pass higher value than that via ioctl.\nWhile read/write operation should generally fail in this case,\nmdiobus provides stats array, where wrong address may allow out-of-bounds\nread/write.\n\nFix that by adding address verification before read/write operation.\nWhile this excludes this access from any statistics, it improves security of\nread/write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38111",
"url": "https://www.suse.com/security/cve/CVE-2025-38111"
},
{
"category": "external",
"summary": "SUSE Bug 1245666 for CVE-2025-38111",
"url": "https://bugzilla.suse.com/1245666"
},
{
"category": "external",
"summary": "SUSE Bug 1249455 for CVE-2025-38111",
"url": "https://bugzilla.suse.com/1249455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38111"
},
{
"cve": "CVE-2025-38112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix TOCTOU issue in sk_is_readable()\n\nsk-\u003esk_prot-\u003esock_is_readable is a valid function pointer when sk resides\nin a sockmap. After the last sk_psock_put() (which usually happens when\nsocket is removed from sockmap), sk-\u003esk_prot gets restored and\nsk-\u003esk_prot-\u003esock_is_readable becomes NULL.\n\nThis makes sk_is_readable() racy, if the value of sk-\u003esk_prot is reloaded\nafter the initial check. Which in turn may lead to a null pointer\ndereference.\n\nEnsure the function pointer does not turn NULL after the check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38112",
"url": "https://www.suse.com/security/cve/CVE-2025-38112"
},
{
"category": "external",
"summary": "SUSE Bug 1245668 for CVE-2025-38112",
"url": "https://bugzilla.suse.com/1245668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38112"
},
{
"cve": "CVE-2025-38113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Fix NULL pointer dereference when nosmp is used\n\nWith nosmp in cmdline, other CPUs are not brought up, leaving\ntheir cpc_desc_ptr NULL. CPU0\u0027s iteration via for_each_possible_cpu()\ndereferences these NULL pointers, causing panic.\n\nPanic backtrace:\n\n[ 0.401123] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000b8\n...\n[ 0.403255] [\u003cffffffff809a5818\u003e] cppc_allow_fast_switch+0x6a/0xd4\n...\nKernel panic - not syncing: Attempted to kill init!\n\n[ rjw: New subject ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38113",
"url": "https://www.suse.com/security/cve/CVE-2025-38113"
},
{
"category": "external",
"summary": "SUSE Bug 1245683 for CVE-2025-38113",
"url": "https://bugzilla.suse.com/1245683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38113"
},
{
"cve": "CVE-2025-38115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: fix a potential crash on gso_skb handling\n\nSFQ has an assumption of always being able to queue at least one packet.\n\nHowever, after the blamed commit, sch-\u003eq.len can be inflated by packets\nin sch-\u003egso_skb, and an enqueue() on an empty SFQ qdisc can be followed\nby an immediate drop.\n\nFix sfq_drop() to properly clear q-\u003etail in this situation.\n\n\nip netns add lb\nip link add dev to-lb type veth peer name in-lb netns lb\nethtool -K to-lb tso off # force qdisc to requeue gso_skb\nip netns exec lb ethtool -K in-lb gro on # enable NAPI\nip link set dev to-lb up\nip -netns lb link set dev in-lb up\nip addr add dev to-lb 192.168.20.1/24\nip -netns lb addr add dev in-lb 192.168.20.2/24\ntc qdisc replace dev to-lb root sfq limit 100\n\nip netns exec lb netserver\n\nnetperf -H 192.168.20.2 -l 100 \u0026\nnetperf -H 192.168.20.2 -l 100 \u0026\nnetperf -H 192.168.20.2 -l 100 \u0026\nnetperf -H 192.168.20.2 -l 100 \u0026",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38115",
"url": "https://www.suse.com/security/cve/CVE-2025-38115"
},
{
"category": "external",
"summary": "SUSE Bug 1245689 for CVE-2025-38115",
"url": "https://bugzilla.suse.com/1245689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38115"
},
{
"cve": "CVE-2025-38117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Protect mgmt_pending list with its own lock\n\nThis uses a mutex to protect from concurrent access of mgmt_pending\nlist which can cause crashes like:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91\nRead of size 2 at addr ffff0000c48885b2 by task syz.4.334/7318\n\nCPU: 0 UID: 0 PID: 7318 Comm: syz.4.334 Not tainted 6.15.0-rc7-syzkaller-g187899f4124a #0 PREEMPT\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack+0x30/0x40 lib/dump_stack.c:94\n dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120\n print_address_description+0xa8/0x254 mm/kasan/report.c:408\n print_report+0x68/0x84 mm/kasan/report.c:521\n kasan_report+0xb0/0x110 mm/kasan/report.c:634\n __asan_report_load2_noabort+0x20/0x2c mm/kasan/report_generic.c:379\n hci_sock_get_channel+0x60/0x68 net/bluetooth/hci_sock.c:91\n mgmt_pending_find+0x7c/0x140 net/bluetooth/mgmt_util.c:223\n pending_find net/bluetooth/mgmt.c:947 [inline]\n remove_adv_monitor+0x44/0x1a4 net/bluetooth/mgmt.c:5445\n hci_mgmt_cmd+0x780/0xc00 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x544/0xbb0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n sock_write_iter+0x25c/0x378 net/socket.c:1131\n new_sync_write fs/read_write.c:591 [inline]\n vfs_write+0x62c/0x97c fs/read_write.c:684\n ksys_write+0x120/0x210 fs/read_write.c:736\n __do_sys_write fs/read_write.c:747 [inline]\n __se_sys_write fs/read_write.c:744 [inline]\n __arm64_sys_write+0x7c/0x90 fs/read_write.c:744\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 7037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x54 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x9c/0xb4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4327 [inline]\n __kmalloc_noprof+0x2fc/0x4c8 mm/slub.c:4339\n kmalloc_noprof include/linux/slab.h:909 [inline]\n sk_prot_alloc+0xc4/0x1f0 net/core/sock.c:2198\n sk_alloc+0x44/0x3ac net/core/sock.c:2254\n bt_sock_alloc+0x4c/0x300 net/bluetooth/af_bluetooth.c:148\n hci_sock_create+0xa8/0x194 net/bluetooth/hci_sock.c:2202\n bt_sock_create+0x14c/0x24c net/bluetooth/af_bluetooth.c:132\n __sock_create+0x43c/0x91c net/socket.c:1541\n sock_create net/socket.c:1599 [inline]\n __sys_socket_create net/socket.c:1636 [inline]\n __sys_socket+0xd4/0x1c0 net/socket.c:1683\n __do_sys_socket net/socket.c:1697 [inline]\n __se_sys_socket net/socket.c:1695 [inline]\n __arm64_sys_socket+0x7c/0x94 net/socket.c:1695\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nFreed by task 6607:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_free_info+0x58/0x70 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x68/0x88 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38117",
"url": "https://www.suse.com/security/cve/CVE-2025-38117"
},
{
"category": "external",
"summary": "SUSE Bug 1245695 for CVE-2025-38117",
"url": "https://bugzilla.suse.com/1245695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38117"
},
{
"cve": "CVE-2025-38118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete\n\nThis reworks MGMT_OP_REMOVE_ADV_MONITOR to not use mgmt_pending_add to\navoid crashes like bellow:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_complete+0xe5/0x540 net/bluetooth/mgmt.c:5406\nRead of size 8 at addr ffff88801c53f318 by task kworker/u5:5/5341\n\nCPU: 0 UID: 0 PID: 5341 Comm: kworker/u5:5 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xd2/0x2b0 mm/kasan/report.c:521\n kasan_report+0x118/0x150 mm/kasan/report.c:634\n mgmt_remove_adv_monitor_complete+0xe5/0x540 net/bluetooth/mgmt.c:5406\n hci_cmd_sync_work+0x261/0x3a0 net/bluetooth/hci_sync.c:334\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x711/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nAllocated by task 5987:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4358\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n mgmt_pending_new+0x65/0x240 net/bluetooth/mgmt_util.c:252\n mgmt_pending_add+0x34/0x120 net/bluetooth/mgmt_util.c:279\n remove_adv_monitor+0x103/0x1b0 net/bluetooth/mgmt.c:5454\n hci_mgmt_cmd+0x9c9/0xef0 net/bluetooth/hci_sock.c:1719\n hci_sock_sendmsg+0x6ca/0xef0 net/bluetooth/hci_sock.c:1839\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n sock_write_iter+0x258/0x330 net/socket.c:1131\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x548/0xa90 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 5989:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2380 [inline]\n slab_free mm/slub.c:4642 [inline]\n kfree+0x18e/0x440 mm/slub.c:4841\n mgmt_pending_foreach+0xc9/0x120 net/bluetooth/mgmt_util.c:242\n mgmt_index_removed+0x10d/0x2f0 net/bluetooth/mgmt.c:9366\n hci_sock_bind+0xbe9/0x1000 net/bluetooth/hci_sock.c:1314\n __sys_bind_socket net/socket.c:1810 [inline]\n __sys_bind+0x2c3/0x3e0 net/socket.c:1841\n __do_sys_bind net/socket.c:1846 [inline]\n __se_sys_bind net/socket.c:1844 [inline]\n __x64_sys_bind+0x7a/0x90 net/socket.c:1844\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38118",
"url": "https://www.suse.com/security/cve/CVE-2025-38118"
},
{
"category": "external",
"summary": "SUSE Bug 1245670 for CVE-2025-38118",
"url": "https://bugzilla.suse.com/1245670"
},
{
"category": "external",
"summary": "SUSE Bug 1250826 for CVE-2025-38118",
"url": "https://bugzilla.suse.com/1250826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38118"
},
{
"cve": "CVE-2025-38120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo_avx2: fix initial map fill\n\nIf the first field doesn\u0027t cover the entire start map, then we must zero\nout the remainder, else we leak those bits into the next match round map.\n\nThe early fix was incomplete and did only fix up the generic C\nimplementation.\n\nA followup patch adds a test case to nft_concat_range.sh.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38120",
"url": "https://www.suse.com/security/cve/CVE-2025-38120"
},
{
"category": "external",
"summary": "SUSE Bug 1245711 for CVE-2025-38120",
"url": "https://bugzilla.suse.com/1245711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38120"
},
{
"cve": "CVE-2025-38122",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38122"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: add missing NULL check for gve_alloc_pending_packet() in TX DQO\n\ngve_alloc_pending_packet() can return NULL, but gve_tx_add_skb_dqo()\ndid not check for this case before dereferencing the returned pointer.\n\nAdd a missing NULL check to prevent a potential NULL pointer\ndereference when allocation fails.\n\nThis improves robustness in low-memory scenarios.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38122",
"url": "https://www.suse.com/security/cve/CVE-2025-38122"
},
{
"category": "external",
"summary": "SUSE Bug 1245746 for CVE-2025-38122",
"url": "https://bugzilla.suse.com/1245746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38122"
},
{
"cve": "CVE-2025-38123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: t7xx: Fix napi rx poll issue\n\nWhen driver handles the napi rx polling requests, the netdev might\nhave been released by the dellink logic triggered by the disconnect\noperation on user plane. However, in the logic of processing skb in\npolling, an invalid netdev is still being used, which causes a panic.\n\nBUG: kernel NULL pointer dereference, address: 00000000000000f1\nOops: 0000 [#1] PREEMPT SMP NOPTI\nRIP: 0010:dev_gro_receive+0x3a/0x620\n[...]\nCall Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_t7xx_ccmni_recv_skb+0x10/0x10 [mtk_t7xx (HASH:1400 7)]\n ? dev_gro_receive+0x3a/0x620\n napi_gro_receive+0xad/0x170\n t7xx_ccmni_recv_skb+0x48/0x70 [mtk_t7xx (HASH:1400 7)]\n t7xx_dpmaif_napi_rx_poll+0x590/0x800 [mtk_t7xx (HASH:1400 7)]\n net_rx_action+0x103/0x470\n irq_exit_rcu+0x13a/0x310\n sysvec_apic_timer_interrupt+0x56/0x90\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38123",
"url": "https://www.suse.com/security/cve/CVE-2025-38123"
},
{
"category": "external",
"summary": "SUSE Bug 1245688 for CVE-2025-38123",
"url": "https://bugzilla.suse.com/1245688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38123"
},
{
"cve": "CVE-2025-38124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix udp gso skb_segment after pull from frag_list\n\nCommit a1e40ac5b5e9 (\"net: gso: fix udp gso fraglist segmentation after\npull from frag_list\") detected invalid geometry in frag_list skbs and\nredirects them from skb_segment_list to more robust skb_segment. But some\npackets with modified geometry can also hit bugs in that code. We don\u0027t\nknow how many such cases exist. Addressing each one by one also requires\ntouching the complex skb_segment code, which risks introducing bugs for\nother types of skbs. Instead, linearize all these packets that fail the\nbasic invariants on gso fraglist skbs. That is more robust.\n\nIf only part of the fraglist payload is pulled into head_skb, it will\nalways cause exception when splitting skbs by skb_segment. For detailed\ncall stack information, see below.\n\nValid SKB_GSO_FRAGLIST skbs\n- consist of two or more segments\n- the head_skb holds the protocol headers plus first gso_size\n- one or more frag_list skbs hold exactly one segment\n- all but the last must be gso_size\n\nOptional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can\nmodify fraglist skbs, breaking these invariants.\n\nIn extreme cases they pull one part of data into skb linear. For UDP,\nthis causes three payloads with lengths of (11,11,10) bytes were\npulled tail to become (12,10,10) bytes.\n\nThe skbs no longer meets the above SKB_GSO_FRAGLIST conditions because\npayload was pulled into head_skb, it needs to be linearized before pass\nto regular skb_segment.\n\n skb_segment+0xcd0/0xd14\n __udp_gso_segment+0x334/0x5f4\n udp4_ufo_fragment+0x118/0x15c\n inet_gso_segment+0x164/0x338\n skb_mac_gso_segment+0xc4/0x13c\n __skb_gso_segment+0xc4/0x124\n validate_xmit_skb+0x9c/0x2c0\n validate_xmit_skb_list+0x4c/0x80\n sch_direct_xmit+0x70/0x404\n __dev_queue_xmit+0x64c/0xe5c\n neigh_resolve_output+0x178/0x1c4\n ip_finish_output2+0x37c/0x47c\n __ip_finish_output+0x194/0x240\n ip_finish_output+0x20/0xf4\n ip_output+0x100/0x1a0\n NF_HOOK+0xc4/0x16c\n ip_forward+0x314/0x32c\n ip_rcv+0x90/0x118\n __netif_receive_skb+0x74/0x124\n process_backlog+0xe8/0x1a4\n __napi_poll+0x5c/0x1f8\n net_rx_action+0x154/0x314\n handle_softirqs+0x154/0x4b8\n\n [118.376811] [C201134] rxq0_pus: [name:bug\u0026]kernel BUG at net/core/skbuff.c:4278!\n [118.376829] [C201134] rxq0_pus: [name:traps\u0026]Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n [118.470774] [C201134] rxq0_pus: [name:mrdump\u0026]Kernel Offset: 0x178cc00000 from 0xffffffc008000000\n [118.470810] [C201134] rxq0_pus: [name:mrdump\u0026]PHYS_OFFSET: 0x40000000\n [118.470827] [C201134] rxq0_pus: [name:mrdump\u0026]pstate: 60400005 (nZCv daif +PAN -UAO)\n [118.470848] [C201134] rxq0_pus: [name:mrdump\u0026]pc : [0xffffffd79598aefc] skb_segment+0xcd0/0xd14\n [118.470900] [C201134] rxq0_pus: [name:mrdump\u0026]lr : [0xffffffd79598a5e8] skb_segment+0x3bc/0xd14\n [118.470928] [C201134] rxq0_pus: [name:mrdump\u0026]sp : ffffffc008013770",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38124",
"url": "https://www.suse.com/security/cve/CVE-2025-38124"
},
{
"category": "external",
"summary": "SUSE Bug 1245690 for CVE-2025-38124",
"url": "https://bugzilla.suse.com/1245690"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38124"
},
{
"cve": "CVE-2025-38126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring timestamping\n\nThe stmmac platform drivers that do not open-code the clk_ptp_rate value\nafter having retrieved the default one from the device-tree can end up\nwith 0 in clk_ptp_rate (as clk_get_rate can return 0). It will\neventually propagate up to PTP initialization when bringing up the\ninterface, leading to a divide by 0:\n\n Division by zero in kernel.\n CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.30-00001-g48313bd5768a #22\n Hardware name: STM32 (Device Tree Support)\n Call trace:\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x6c/0x8c\n dump_stack_lvl from Ldiv0_64+0x8/0x18\n Ldiv0_64 from stmmac_init_tstamp_counter+0x190/0x1a4\n stmmac_init_tstamp_counter from stmmac_hw_setup+0xc1c/0x111c\n stmmac_hw_setup from __stmmac_open+0x18c/0x434\n __stmmac_open from stmmac_open+0x3c/0xbc\n stmmac_open from __dev_open+0xf4/0x1ac\n __dev_open from __dev_change_flags+0x1cc/0x224\n __dev_change_flags from dev_change_flags+0x24/0x60\n dev_change_flags from ip_auto_config+0x2e8/0x11a0\n ip_auto_config from do_one_initcall+0x84/0x33c\n do_one_initcall from kernel_init_freeable+0x1b8/0x214\n kernel_init_freeable from kernel_init+0x24/0x140\n kernel_init from ret_from_fork+0x14/0x28\n Exception stack(0xe0815fb0 to 0xe0815ff8)\n\nPrevent this division by 0 by adding an explicit check and error log\nabout the actual issue. While at it, remove the same check from\nstmmac_ptp_register, which then becomes duplicate",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38126",
"url": "https://www.suse.com/security/cve/CVE-2025-38126"
},
{
"category": "external",
"summary": "SUSE Bug 1245708 for CVE-2025-38126",
"url": "https://bugzilla.suse.com/1245708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38126"
},
{
"cve": "CVE-2025-38127",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38127"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix Tx scheduler error handling in XDP callback\n\nWhen the XDP program is loaded, the XDP callback adds new Tx queues.\nThis means that the callback must update the Tx scheduler with the new\nqueue number. In the event of a Tx scheduler failure, the XDP callback\nshould also fail and roll back any changes previously made for XDP\npreparation.\n\nThe previous implementation had a bug that not all changes made by the\nXDP callback were rolled back. This caused the crash with the following\ncall trace:\n\n[ +9.549584] ice 0000:ca:00.0: Failed VSI LAN queue config for XDP, error: -5\n[ +0.382335] Oops: general protection fault, probably for non-canonical address 0x50a2250a90495525: 0000 [#1] SMP NOPTI\n[ +0.010710] CPU: 103 UID: 0 PID: 0 Comm: swapper/103 Not tainted 6.14.0-net-next-mar-31+ #14 PREEMPT(voluntary)\n[ +0.010175] Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C620.86B.01.01.0005.2202160810 02/16/2022\n[ +0.010946] RIP: 0010:__ice_update_sample+0x39/0xe0 [ice]\n\n[...]\n\n[ +0.002715] Call Trace:\n[ +0.002452] \u003cIRQ\u003e\n[ +0.002021] ? __die_body.cold+0x19/0x29\n[ +0.003922] ? die_addr+0x3c/0x60\n[ +0.003319] ? exc_general_protection+0x17c/0x400\n[ +0.004707] ? asm_exc_general_protection+0x26/0x30\n[ +0.004879] ? __ice_update_sample+0x39/0xe0 [ice]\n[ +0.004835] ice_napi_poll+0x665/0x680 [ice]\n[ +0.004320] __napi_poll+0x28/0x190\n[ +0.003500] net_rx_action+0x198/0x360\n[ +0.003752] ? update_rq_clock+0x39/0x220\n[ +0.004013] handle_softirqs+0xf1/0x340\n[ +0.003840] ? sched_clock_cpu+0xf/0x1f0\n[ +0.003925] __irq_exit_rcu+0xc2/0xe0\n[ +0.003665] common_interrupt+0x85/0xa0\n[ +0.003839] \u003c/IRQ\u003e\n[ +0.002098] \u003cTASK\u003e\n[ +0.002106] asm_common_interrupt+0x26/0x40\n[ +0.004184] RIP: 0010:cpuidle_enter_state+0xd3/0x690\n\nFix this by performing the missing unmapping of XDP queues from\nq_vectors and setting the XDP rings pointer back to NULL after all those\nqueues are released.\nAlso, add an immediate exit from the XDP callback in case of ring\npreparation failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38127",
"url": "https://www.suse.com/security/cve/CVE-2025-38127"
},
{
"category": "external",
"summary": "SUSE Bug 1245705 for CVE-2025-38127",
"url": "https://bugzilla.suse.com/1245705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38127"
},
{
"cve": "CVE-2025-38129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npage_pool: Fix use-after-free in page_pool_recycle_in_ring\n\nsyzbot reported a uaf in page_pool_recycle_in_ring:\n\nBUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862\nRead of size 8 at addr ffff8880286045a0 by task syz.0.284/6943\n\nCPU: 0 UID: 0 PID: 6943 Comm: syz.0.284 Not tainted 6.13.0-rc3-syzkaller-gdfa94ce54f41 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862\n __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:165 [inline]\n _raw_spin_unlock_bh+0x1b/0x40 kernel/locking/spinlock.c:210\n spin_unlock_bh include/linux/spinlock.h:396 [inline]\n ptr_ring_produce_bh include/linux/ptr_ring.h:164 [inline]\n page_pool_recycle_in_ring net/core/page_pool.c:707 [inline]\n page_pool_put_unrefed_netmem+0x748/0xb00 net/core/page_pool.c:826\n page_pool_put_netmem include/net/page_pool/helpers.h:323 [inline]\n page_pool_put_full_netmem include/net/page_pool/helpers.h:353 [inline]\n napi_pp_put_page+0x149/0x2b0 net/core/skbuff.c:1036\n skb_pp_recycle net/core/skbuff.c:1047 [inline]\n skb_free_head net/core/skbuff.c:1094 [inline]\n skb_release_data+0x6c4/0x8a0 net/core/skbuff.c:1125\n skb_release_all net/core/skbuff.c:1190 [inline]\n __kfree_skb net/core/skbuff.c:1204 [inline]\n sk_skb_reason_drop+0x1c9/0x380 net/core/skbuff.c:1242\n kfree_skb_reason include/linux/skbuff.h:1263 [inline]\n __skb_queue_purge_reason include/linux/skbuff.h:3343 [inline]\n\nroot cause is:\n\npage_pool_recycle_in_ring\n ptr_ring_produce\n spin_lock(\u0026r-\u003eproducer_lock);\n WRITE_ONCE(r-\u003equeue[r-\u003eproducer++], ptr)\n //recycle last page to pool\n\t\t\t\tpage_pool_release\n\t\t\t\t page_pool_scrub\n\t\t\t\t page_pool_empty_ring\n\t\t\t\t ptr_ring_consume\n\t\t\t\t page_pool_return_page //release all page\n\t\t\t\t __page_pool_destroy\n\t\t\t\t free_percpu(pool-\u003erecycle_stats);\n\t\t\t\t free(pool) //free\n\n spin_unlock(\u0026r-\u003eproducer_lock); //pool-\u003ering uaf read\n recycle_stat_inc(pool, ring);\n\npage_pool can be free while page pool recycle the last page in ring.\nAdd producer-lock barrier to page_pool_release to prevent the page\npool from being free before all pages have been recycled.\n\nrecycle_stat_inc() is empty when CONFIG_PAGE_POOL_STATS is not\nenabled, which will trigger Wempty-body build warning. Add definition\nfor pool stat macro to fix warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38129",
"url": "https://www.suse.com/security/cve/CVE-2025-38129"
},
{
"category": "external",
"summary": "SUSE Bug 1245723 for CVE-2025-38129",
"url": "https://bugzilla.suse.com/1245723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38129"
},
{
"cve": "CVE-2025-38131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: prevent deactivate active config while enabling the config\n\nWhile enable active config via cscfg_csdev_enable_active_config(),\nactive config could be deactivated via configfs\u0027 sysfs interface.\nThis could make UAF issue in below scenario:\n\nCPU0 CPU1\n(sysfs enable) load module\n cscfg_load_config_sets()\n activate config. // sysfs\n (sys_active_cnt == 1)\n...\ncscfg_csdev_enable_active_config()\nlock(csdev-\u003ecscfg_csdev_lock)\n// here load config activate by CPU1\nunlock(csdev-\u003ecscfg_csdev_lock)\n\n deactivate config // sysfs\n (sys_activec_cnt == 0)\n cscfg_unload_config_sets()\n unload module\n\n// access to config_desc which freed\n// while unloading module.\ncscfg_csdev_enable_config\n\nTo address this, use cscfg_config_desc\u0027s active_cnt as a reference count\n which will be holded when\n - activate the config.\n - enable the activated config.\nand put the module reference when config_active_cnt == 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38131",
"url": "https://www.suse.com/security/cve/CVE-2025-38131"
},
{
"category": "external",
"summary": "SUSE Bug 1245677 for CVE-2025-38131",
"url": "https://bugzilla.suse.com/1245677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38131"
},
{
"cve": "CVE-2025-38132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38132"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: holding cscfg_csdev_lock while removing cscfg from csdev\n\nThere\u0027ll be possible race scenario for coresight config:\n\nCPU0 CPU1\n(perf enable) load module\n cscfg_load_config_sets()\n activate config. // sysfs\n (sys_active_cnt == 1)\n...\ncscfg_csdev_enable_active_config()\n lock(csdev-\u003ecscfg_csdev_lock)\n deactivate config // sysfs\n (sys_activec_cnt == 0)\n cscfg_unload_config_sets()\n \u003citerating config_csdev_list\u003e cscfg_remove_owned_csdev_configs()\n // here load config activate by CPU1\n unlock(csdev-\u003ecscfg_csdev_lock)\n\niterating config_csdev_list could be raced with config_csdev_list\u0027s\nentry delete.\n\nTo resolve this race , hold csdev-\u003ecscfg_csdev_lock() while\ncscfg_remove_owned_csdev_configs()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38132",
"url": "https://www.suse.com/security/cve/CVE-2025-38132"
},
{
"category": "external",
"summary": "SUSE Bug 1245679 for CVE-2025-38132",
"url": "https://bugzilla.suse.com/1245679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38132"
},
{
"cve": "CVE-2025-38135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: Fix potential null-ptr-deref in mlb_usio_probe()\n\ndevm_ioremap() can return NULL on error. Currently, mlb_usio_probe()\ndoes not check for this case, which could result in a NULL pointer\ndereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38135",
"url": "https://www.suse.com/security/cve/CVE-2025-38135"
},
{
"category": "external",
"summary": "SUSE Bug 1246023 for CVE-2025-38135",
"url": "https://bugzilla.suse.com/1246023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38135"
},
{
"cve": "CVE-2025-38136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Reorder clock handling and power management in probe\n\nReorder the initialization sequence in `usbhs_probe()` to enable runtime\nPM before accessing registers, preventing potential crashes due to\nuninitialized clocks.\n\nCurrently, in the probe path, registers are accessed before enabling the\nclocks, leading to a synchronous external abort on the RZ/V2H SoC.\nThe problematic call flow is as follows:\n\n usbhs_probe()\n usbhs_sys_clock_ctrl()\n usbhs_bset()\n usbhs_write()\n iowrite16() \u003c-- Register access before enabling clocks\n\nSince `iowrite16()` is performed without ensuring the required clocks are\nenabled, this can lead to access errors. To fix this, enable PM runtime\nearly in the probe function and ensure clocks are acquired before register\naccess, preventing crashes like the following on RZ/V2H:\n\n[13.272640] Internal error: synchronous external abort: 0000000096000010 [#1] PREEMPT SMP\n[13.280814] Modules linked in: cec renesas_usbhs(+) drm_kms_helper fuse drm backlight ipv6\n[13.289088] CPU: 1 UID: 0 PID: 195 Comm: (udev-worker) Not tainted 6.14.0-rc7+ #98\n[13.296640] Hardware name: Renesas RZ/V2H EVK Board based on r9a09g057h44 (DT)\n[13.303834] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[13.310770] pc : usbhs_bset+0x14/0x4c [renesas_usbhs]\n[13.315831] lr : usbhs_probe+0x2e4/0x5ac [renesas_usbhs]\n[13.321138] sp : ffff8000827e3850\n[13.324438] x29: ffff8000827e3860 x28: 0000000000000000 x27: ffff8000827e3ca0\n[13.331554] x26: ffff8000827e3ba0 x25: ffff800081729668 x24: 0000000000000025\n[13.338670] x23: ffff0000c0f08000 x22: 0000000000000000 x21: ffff0000c0f08010\n[13.345783] x20: 0000000000000000 x19: ffff0000c3b52080 x18: 00000000ffffffff\n[13.352895] x17: 0000000000000000 x16: 0000000000000000 x15: ffff8000827e36ce\n[13.360009] x14: 00000000000003d7 x13: 00000000000003d7 x12: 0000000000000000\n[13.367122] x11: 0000000000000000 x10: 0000000000000aa0 x9 : ffff8000827e3750\n[13.374235] x8 : ffff0000c1850b00 x7 : 0000000003826060 x6 : 000000000000001c\n[13.381347] x5 : 000000030d5fcc00 x4 : ffff8000825c0000 x3 : 0000000000000000\n[13.388459] x2 : 0000000000000400 x1 : 0000000000000000 x0 : ffff0000c3b52080\n[13.395574] Call trace:\n[13.398013] usbhs_bset+0x14/0x4c [renesas_usbhs] (P)\n[13.403076] platform_probe+0x68/0xdc\n[13.406738] really_probe+0xbc/0x2c0\n[13.410306] __driver_probe_device+0x78/0x120\n[13.414653] driver_probe_device+0x3c/0x154\n[13.418825] __driver_attach+0x90/0x1a0\n[13.422647] bus_for_each_dev+0x7c/0xe0\n[13.426470] driver_attach+0x24/0x30\n[13.430032] bus_add_driver+0xe4/0x208\n[13.433766] driver_register+0x68/0x130\n[13.437587] __platform_driver_register+0x24/0x30\n[13.442273] renesas_usbhs_driver_init+0x20/0x1000 [renesas_usbhs]\n[13.448450] do_one_initcall+0x60/0x1d4\n[13.452276] do_init_module+0x54/0x1f8\n[13.456014] load_module+0x1754/0x1c98\n[13.459750] init_module_from_file+0x88/0xcc\n[13.464004] __arm64_sys_finit_module+0x1c4/0x328\n[13.468689] invoke_syscall+0x48/0x104\n[13.472426] el0_svc_common.constprop.0+0xc0/0xe0\n[13.477113] do_el0_svc+0x1c/0x28\n[13.480415] el0_svc+0x30/0xcc\n[13.483460] el0t_64_sync_handler+0x10c/0x138\n[13.487800] el0t_64_sync+0x198/0x19c\n[13.491453] Code: 2a0103e1 12003c42 12003c63 8b010084 (79400084)\n[13.497522] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38136",
"url": "https://www.suse.com/security/cve/CVE-2025-38136"
},
{
"category": "external",
"summary": "SUSE Bug 1245691 for CVE-2025-38136",
"url": "https://bugzilla.suse.com/1245691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38136"
},
{
"cve": "CVE-2025-38138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: Add NULL check in udma_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nudma_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38138",
"url": "https://www.suse.com/security/cve/CVE-2025-38138"
},
{
"category": "external",
"summary": "SUSE Bug 1245719 for CVE-2025-38138",
"url": "https://bugzilla.suse.com/1245719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38138"
},
{
"cve": "CVE-2025-38142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (asus-ec-sensors) check sensor index in read_string()\n\nPrevent a potential invalid memory access when the requested sensor\nis not found.\n\nfind_ec_sensor_index() may return a negative value (e.g. -ENOENT),\nbut its result was used without checking, which could lead to\nundefined behavior when passed to get_sensor_info().\n\nAdd a proper check to return -EINVAL if sensor_index is negative.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[groeck: Return error code returned from find_ec_sensor_index]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38142",
"url": "https://www.suse.com/security/cve/CVE-2025-38142"
},
{
"category": "external",
"summary": "SUSE Bug 1245713 for CVE-2025-38142",
"url": "https://bugzilla.suse.com/1245713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38142"
},
{
"cve": "CVE-2025-38143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: pm8941: Add NULL check in wled_configure()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nwled_configure() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38143",
"url": "https://www.suse.com/security/cve/CVE-2025-38143"
},
{
"category": "external",
"summary": "SUSE Bug 1245714 for CVE-2025-38143",
"url": "https://bugzilla.suse.com/1245714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38143"
},
{
"cve": "CVE-2025-38145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\naspeed_lpc_enable_snoop() does not check for this case, which results in a\nNULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.\n\n[arj: Fix Fixes: tag to use subject from 3772e5da4454]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38145",
"url": "https://www.suse.com/security/cve/CVE-2025-38145"
},
{
"category": "external",
"summary": "SUSE Bug 1245765 for CVE-2025-38145",
"url": "https://bugzilla.suse.com/1245765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38145"
},
{
"cve": "CVE-2025-38147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: Don\u0027t call calipso functions for AF_INET sk.\n\nsyzkaller reported a null-ptr-deref in txopt_get(). [0]\n\nThe offset 0x70 was of struct ipv6_txoptions in struct ipv6_pinfo,\nso struct ipv6_pinfo was NULL there.\n\nHowever, this never happens for IPv6 sockets as inet_sk(sk)-\u003epinet6\nis always set in inet6_create(), meaning the socket was not IPv6 one.\n\nThe root cause is missing validation in netlbl_conn_setattr().\n\nnetlbl_conn_setattr() switches branches based on struct\nsockaddr.sa_family, which is passed from userspace. However,\nnetlbl_conn_setattr() does not check if the address family matches\nthe socket.\n\nThe syzkaller must have called connect() for an IPv6 address on\nan IPv4 socket.\n\nWe have a proper validation in tcp_v[46]_connect(), but\nsecurity_socket_connect() is called in the earlier stage.\n\nLet\u0027s copy the validation to netlbl_conn_setattr().\n\n[0]:\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]\nCPU: 2 UID: 0 PID: 12928 Comm: syz.9.1677 Not tainted 6.12.0 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nRIP: 0010:txopt_get include/net/ipv6.h:390 [inline]\nRIP: 0010:\nCode: 02 00 00 49 8b ac 24 f8 02 00 00 e8 84 69 2a fd e8 ff 00 16 fd 48 8d 7d 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 53 02 00 00 48 8b 6d 70 48 85 ed 0f 84 ab 01 00\nRSP: 0018:ffff88811b8afc48 EFLAGS: 00010212\nRAX: dffffc0000000000 RBX: 1ffff11023715f8a RCX: ffffffff841ab00c\nRDX: 000000000000000e RSI: ffffc90007d9e000 RDI: 0000000000000070\nRBP: 0000000000000000 R08: ffffed1023715f9d R09: ffffed1023715f9e\nR10: ffffed1023715f9d R11: 0000000000000003 R12: ffff888123075f00\nR13: ffff88810245bd80 R14: ffff888113646780 R15: ffff888100578a80\nFS: 00007f9019bd7640(0000) GS:ffff8882d2d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f901b927bac CR3: 0000000104788003 CR4: 0000000000770ef0\nPKRU: 80000000\nCall Trace:\n \u003cTASK\u003e\n calipso_sock_setattr+0x56/0x80 net/netlabel/netlabel_calipso.c:557\n netlbl_conn_setattr+0x10c/0x280 net/netlabel/netlabel_kapi.c:1177\n selinux_netlbl_socket_connect_helper+0xd3/0x1b0 security/selinux/netlabel.c:569\n selinux_netlbl_socket_connect_locked security/selinux/netlabel.c:597 [inline]\n selinux_netlbl_socket_connect+0xb6/0x100 security/selinux/netlabel.c:615\n selinux_socket_connect+0x5f/0x80 security/selinux/hooks.c:4931\n security_socket_connect+0x50/0xa0 security/security.c:4598\n __sys_connect_file+0xa4/0x190 net/socket.c:2067\n __sys_connect+0x12c/0x170 net/socket.c:2088\n __do_sys_connect net/socket.c:2098 [inline]\n __se_sys_connect net/socket.c:2095 [inline]\n __x64_sys_connect+0x73/0xb0 net/socket.c:2095\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xaa/0x1b0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f901b61a12d\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f9019bd6fa8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 00007f901b925fa0 RCX: 00007f901b61a12d\nRDX: 000000000000001c RSI: 0000200000000140 RDI: 0000000000000003\nRBP: 00007f901b701505 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f901b5b62a0 R15: 00007f9019bb7000\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38147",
"url": "https://www.suse.com/security/cve/CVE-2025-38147"
},
{
"category": "external",
"summary": "SUSE Bug 1245768 for CVE-2025-38147",
"url": "https://bugzilla.suse.com/1245768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38147"
},
{
"cve": "CVE-2025-38148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: mscc: Fix memory leak when using one step timestamping\n\nFix memory leak when running one-step timestamping. When running\none-step sync timestamping, the HW is configured to insert the TX time\ninto the frame, so there is no reason to keep the skb anymore. As in\nthis case the HW will never generate an interrupt to say that the frame\nwas timestamped, then the frame will never released.\nFix this by freeing the frame in case of one-step timestamping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38148",
"url": "https://www.suse.com/security/cve/CVE-2025-38148"
},
{
"category": "external",
"summary": "SUSE Bug 1245735 for CVE-2025-38148",
"url": "https://bugzilla.suse.com/1245735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38148"
},
{
"cve": "CVE-2025-38149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: clear phydev-\u003edevlink when the link is deleted\n\nThere is a potential crash issue when disabling and re-enabling the\nnetwork port. When disabling the network port, phy_detach() calls\ndevice_link_del() to remove the device link, but it does not clear\nphydev-\u003edevlink, so phydev-\u003edevlink is not a NULL pointer. Then the\nnetwork port is re-enabled, but if phy_attach_direct() fails before\ncalling device_link_add(), the code jumps to the \"error\" label and\ncalls phy_detach(). Since phydev-\u003edevlink retains the old value from\nthe previous attach/detach cycle, device_link_del() uses the old value,\nwhich accesses a NULL pointer and causes a crash. The simplified crash\nlog is as follows.\n\n[ 24.702421] Call trace:\n[ 24.704856] device_link_put_kref+0x20/0x120\n[ 24.709124] device_link_del+0x30/0x48\n[ 24.712864] phy_detach+0x24/0x168\n[ 24.716261] phy_attach_direct+0x168/0x3a4\n[ 24.720352] phylink_fwnode_phy_connect+0xc8/0x14c\n[ 24.725140] phylink_of_phy_connect+0x1c/0x34\n\nTherefore, phydev-\u003edevlink needs to be cleared when the device link is\ndeleted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38149",
"url": "https://www.suse.com/security/cve/CVE-2025-38149"
},
{
"category": "external",
"summary": "SUSE Bug 1245737 for CVE-2025-38149",
"url": "https://bugzilla.suse.com/1245737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38149"
},
{
"cve": "CVE-2025-38151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix hang when cma_netevent_callback fails to queue_work\n\nThe cited commit fixed a crash when cma_netevent_callback was called for\na cma_id while work on that id from a previous call had not yet started.\nThe work item was re-initialized in the second call, which corrupted the\nwork item currently in the work queue.\n\nHowever, it left a problem when queue_work fails (because the item is\nstill pending in the work queue from a previous call). In this case,\ncma_id_put (which is called in the work handler) is therefore not\ncalled. This results in a userspace process hang (zombie process).\n\nFix this by calling cma_id_put() if queue_work fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38151",
"url": "https://www.suse.com/security/cve/CVE-2025-38151"
},
{
"category": "external",
"summary": "SUSE Bug 1245745 for CVE-2025-38151",
"url": "https://bugzilla.suse.com/1245745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38151"
},
{
"cve": "CVE-2025-38153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: aqc111: fix error handling of usbnet read calls\n\nSyzkaller, courtesy of syzbot, identified an error (see report [1]) in\naqc111 driver, caused by incomplete sanitation of usb read calls\u0027\nresults. This problem is quite similar to the one fixed in commit\n920a9fa27e78 (\"net: asix: add proper error handling of usb read errors\").\n\nFor instance, usbnet_read_cmd() may read fewer than \u0027size\u0027 bytes,\neven if the caller expected the full amount, and aqc111_read_cmd()\nwill not check its result properly. As [1] shows, this may lead\nto MAC address in aqc111_bind() being only partly initialized,\ntriggering KMSAN warnings.\n\nFix the issue by verifying that the number of bytes read is\nas expected and not less.\n\n[1] Partial syzbot report:\nBUG: KMSAN: uninit-value in is_valid_ether_addr include/linux/etherdevice.h:208 [inline]\nBUG: KMSAN: uninit-value in usbnet_probe+0x2e57/0x4390 drivers/net/usb/usbnet.c:1830\n is_valid_ether_addr include/linux/etherdevice.h:208 [inline]\n usbnet_probe+0x2e57/0x4390 drivers/net/usb/usbnet.c:1830\n usb_probe_interface+0xd01/0x1310 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:-1 [inline]\n really_probe+0x4d1/0xd90 drivers/base/dd.c:658\n __driver_probe_device+0x268/0x380 drivers/base/dd.c:800\n...\n\nUninit was stored to memory at:\n dev_addr_mod+0xb0/0x550 net/core/dev_addr_lists.c:582\n __dev_addr_set include/linux/netdevice.h:4874 [inline]\n eth_hw_addr_set include/linux/etherdevice.h:325 [inline]\n aqc111_bind+0x35f/0x1150 drivers/net/usb/aqc111.c:717\n usbnet_probe+0xbe6/0x4390 drivers/net/usb/usbnet.c:1772\n usb_probe_interface+0xd01/0x1310 drivers/usb/core/driver.c:396\n...\n\nUninit was stored to memory at:\n ether_addr_copy include/linux/etherdevice.h:305 [inline]\n aqc111_read_perm_mac drivers/net/usb/aqc111.c:663 [inline]\n aqc111_bind+0x794/0x1150 drivers/net/usb/aqc111.c:713\n usbnet_probe+0xbe6/0x4390 drivers/net/usb/usbnet.c:1772\n usb_probe_interface+0xd01/0x1310 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:-1 [inline]\n...\n\nLocal variable buf.i created at:\n aqc111_read_perm_mac drivers/net/usb/aqc111.c:656 [inline]\n aqc111_bind+0x221/0x1150 drivers/net/usb/aqc111.c:713\n usbnet_probe+0xbe6/0x4390 drivers/net/usb/usbnet.c:1772",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38153",
"url": "https://www.suse.com/security/cve/CVE-2025-38153"
},
{
"category": "external",
"summary": "SUSE Bug 1245744 for CVE-2025-38153",
"url": "https://bugzilla.suse.com/1245744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38153"
},
{
"cve": "CVE-2025-38154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Avoid using sk_socket after free when sending\n\nThe sk-\u003esk_socket is not locked or referenced in backlog thread, and\nduring the call to skb_send_sock(), there is a race condition with\nthe release of sk_socket. All types of sockets(tcp/udp/unix/vsock)\nwill be affected.\n\nRace conditions:\n\u0027\u0027\u0027\nCPU0 CPU1\n\nbacklog::skb_send_sock\n sendmsg_unlocked\n sock_sendmsg\n sock_sendmsg_nosec\n close(fd):\n ...\n ops-\u003erelease() -\u003e sock_map_close()\n sk_socket-\u003eops = NULL\n free(socket)\n sock-\u003eops-\u003esendmsg\n ^\n panic here\n\u0027\u0027\u0027\n\nThe ref of psock become 0 after sock_map_close() executed.\n\u0027\u0027\u0027\nvoid sock_map_close()\n{\n ...\n if (likely(psock)) {\n ...\n // !! here we remove psock and the ref of psock become 0\n sock_map_remove_links(sk, psock)\n psock = sk_psock_get(sk);\n if (unlikely(!psock))\n goto no_psock; \u003c=== Control jumps here via goto\n ...\n cancel_delayed_work_sync(\u0026psock-\u003ework); \u003c=== not executed\n sk_psock_put(sk, psock);\n ...\n}\n\u0027\u0027\u0027\n\nBased on the fact that we already wait for the workqueue to finish in\nsock_map_close() if psock is held, we simply increase the psock\nreference count to avoid race conditions.\n\nWith this patch, if the backlog thread is running, sock_map_close() will\nwait for the backlog thread to complete and cancel all pending work.\n\nIf no backlog running, any pending work that hasn\u0027t started by then will\nfail when invoked by sk_psock_get(), as the psock reference count have\nbeen zeroed, and sk_psock_drop() will cancel all jobs via\ncancel_delayed_work_sync().\n\nIn summary, we require synchronization to coordinate the backlog thread\nand close() thread.\n\nThe panic I catched:\n\u0027\u0027\u0027\nWorkqueue: events sk_psock_backlog\nRIP: 0010:sock_sendmsg+0x21d/0x440\nRAX: 0000000000000000 RBX: ffffc9000521fad8 RCX: 0000000000000001\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x40/0xa0\n ? exc_general_protection+0x14c/0x230\n ? asm_exc_general_protection+0x26/0x30\n ? sock_sendmsg+0x21d/0x440\n ? sock_sendmsg+0x3e0/0x440\n ? __pfx_sock_sendmsg+0x10/0x10\n __skb_send_sock+0x543/0xb70\n sk_psock_backlog+0x247/0xb80\n...\n\u0027\u0027\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38154",
"url": "https://www.suse.com/security/cve/CVE-2025-38154"
},
{
"category": "external",
"summary": "SUSE Bug 1245749 for CVE-2025-38154",
"url": "https://bugzilla.suse.com/1245749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38154"
},
{
"cve": "CVE-2025-38155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init()\n\ndevm_ioremap() returns NULL on error. Currently, mt7915_mmio_wed_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nPrevent null pointer dereference in mt7915_mmio_wed_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38155",
"url": "https://www.suse.com/security/cve/CVE-2025-38155"
},
{
"category": "external",
"summary": "SUSE Bug 1245748 for CVE-2025-38155",
"url": "https://bugzilla.suse.com/1245748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38155"
},
{
"cve": "CVE-2025-38157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Abort software beacon handling if disabled\n\nA malicious USB device can send a WMI_SWBA_EVENTID event from an\nath9k_htc-managed device before beaconing has been enabled. This causes\na device-by-zero error in the driver, leading to either a crash or an\nout of bounds read.\n\nPrevent this by aborting the handling in ath9k_htc_swba() if beacons are\nnot enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38157",
"url": "https://www.suse.com/security/cve/CVE-2025-38157"
},
{
"category": "external",
"summary": "SUSE Bug 1245747 for CVE-2025-38157",
"url": "https://bugzilla.suse.com/1245747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38157"
},
{
"cve": "CVE-2025-38158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhisi_acc_vfio_pci: fix XQE dma address error\n\nThe dma addresses of EQE and AEQE are wrong after migration and\nresults in guest kernel-mode encryption services failure.\nComparing the definition of hardware registers, we found that\nthere was an error when the data read from the register was\ncombined into an address. Therefore, the address combination\nsequence needs to be corrected.\n\nEven after fixing the above problem, we still have an issue\nwhere the Guest from an old kernel can get migrated to\nnew kernel and may result in wrong data.\n\nIn order to ensure that the address is correct after migration,\nif an old magic number is detected, the dma address needs to be\nupdated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38158",
"url": "https://www.suse.com/security/cve/CVE-2025-38158"
},
{
"category": "external",
"summary": "SUSE Bug 1245750 for CVE-2025-38158",
"url": "https://bugzilla.suse.com/1245750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38158"
},
{
"cve": "CVE-2025-38159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds\n\nSet the size to 6 instead of 2, since \u0027para\u0027 array is passed to\n\u0027rtw_fw_bt_wifi_control(rtwdev, para[0], \u0026para[1])\u0027, which reads\n5 bytes:\n\nvoid rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data)\n{\n ...\n SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data);\n SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1));\n ...\n SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4));\n\nDetected using the static analysis tool - Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38159",
"url": "https://www.suse.com/security/cve/CVE-2025-38159"
},
{
"category": "external",
"summary": "SUSE Bug 1245751 for CVE-2025-38159",
"url": "https://bugzilla.suse.com/1245751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38159"
},
{
"cve": "CVE-2025-38161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix error flow upon firmware failure for RQ destruction\n\nUpon RQ destruction if the firmware command fails which is the\nlast resource to be destroyed some SW resources were already cleaned\nregardless of the failure.\n\nNow properly rollback the object to its original state upon such failure.\n\nIn order to avoid a use-after free in case someone tries to destroy the\nobject again, which results in the following kernel trace:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 0 PID: 37589 at lib/refcount.c:28 refcount_warn_saturate+0xf4/0x148\nModules linked in: rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) rfkill mlx5_core(OE) mlxdevm(OE) ib_uverbs(OE) ib_core(OE) psample mlxfw(OE) mlx_compat(OE) macsec tls pci_hyperv_intf sunrpc vfat fat virtio_net net_failover failover fuse loop nfnetlink vsock_loopback vmw_vsock_virtio_transport_common vmw_vsock_vmci_transport vmw_vmci vsock xfs crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce virtio_console virtio_gpu virtio_blk virtio_dma_buf virtio_mmio dm_mirror dm_region_hash dm_log dm_mod xpmem(OE)\nCPU: 0 UID: 0 PID: 37589 Comm: python3 Kdump: loaded Tainted: G OE ------- --- 6.12.0-54.el10.aarch64 #1\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : refcount_warn_saturate+0xf4/0x148\nlr : refcount_warn_saturate+0xf4/0x148\nsp : ffff80008b81b7e0\nx29: ffff80008b81b7e0 x28: ffff000133d51600 x27: 0000000000000001\nx26: 0000000000000000 x25: 00000000ffffffea x24: ffff00010ae80f00\nx23: ffff00010ae80f80 x22: ffff0000c66e5d08 x21: 0000000000000000\nx20: ffff0000c66e0000 x19: ffff00010ae80340 x18: 0000000000000006\nx17: 0000000000000000 x16: 0000000000000020 x15: ffff80008b81b37f\nx14: 0000000000000000 x13: 2e656572662d7265 x12: ffff80008283ef78\nx11: ffff80008257efd0 x10: ffff80008283efd0 x9 : ffff80008021ed90\nx8 : 0000000000000001 x7 : 00000000000bffe8 x6 : c0000000ffff7fff\nx5 : ffff0001fb8e3408 x4 : 0000000000000000 x3 : ffff800179993000\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000133d51600\nCall trace:\n refcount_warn_saturate+0xf4/0x148\n mlx5_core_put_rsc+0x88/0xa0 [mlx5_ib]\n mlx5_core_destroy_rq_tracked+0x64/0x98 [mlx5_ib]\n mlx5_ib_destroy_wq+0x34/0x80 [mlx5_ib]\n ib_destroy_wq_user+0x30/0xc0 [ib_core]\n uverbs_free_wq+0x28/0x58 [ib_uverbs]\n destroy_hw_idr_uobject+0x34/0x78 [ib_uverbs]\n uverbs_destroy_uobject+0x48/0x240 [ib_uverbs]\n __uverbs_cleanup_ufile+0xd4/0x1a8 [ib_uverbs]\n uverbs_destroy_ufile_hw+0x48/0x120 [ib_uverbs]\n ib_uverbs_close+0x2c/0x100 [ib_uverbs]\n __fput+0xd8/0x2f0\n __fput_sync+0x50/0x70\n __arm64_sys_close+0x40/0x90\n invoke_syscall.constprop.0+0x74/0xd0\n do_el0_svc+0x48/0xe8\n el0_svc+0x44/0x1d0\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x1a4/0x1a8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38161",
"url": "https://www.suse.com/security/cve/CVE-2025-38161"
},
{
"category": "external",
"summary": "SUSE Bug 1245777 for CVE-2025-38161",
"url": "https://bugzilla.suse.com/1245777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38161"
},
{
"cve": "CVE-2025-38162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: prevent overflow in lookup table allocation\n\nWhen calculating the lookup table size, ensure the following\nmultiplication does not overflow:\n\n- desc-\u003efield_len[] maximum value is U8_MAX multiplied by\n NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case.\n- NFT_PIPAPO_BUCKETS(f-\u003ebb) is 2^8, worst case.\n- sizeof(unsigned long), from sizeof(*f-\u003elt), lt in\n struct nft_pipapo_field.\n\nThen, use check_mul_overflow() to multiply by bucket size and then use\ncheck_add_overflow() to the alignment for avx2 (if needed). Finally, add\nlt_size_check_overflow() helper and use it to consolidate this.\n\nWhile at it, replace leftover allocation using the GFP_KERNEL to\nGFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38162",
"url": "https://www.suse.com/security/cve/CVE-2025-38162"
},
{
"category": "external",
"summary": "SUSE Bug 1245752 for CVE-2025-38162",
"url": "https://bugzilla.suse.com/1245752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38162"
},
{
"cve": "CVE-2025-38165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix panic when calling skb_linearize\n\nThe panic can be reproduced by executing the command:\n./bench sockmap -c 2 -p 1 -a --rx-verdict-ingress --rx-strp 100000\n\nThen a kernel panic was captured:\n\u0027\u0027\u0027\n[ 657.460555] kernel BUG at net/core/skbuff.c:2178!\n[ 657.462680] Tainted: [W]=WARN\n[ 657.463287] Workqueue: events sk_psock_backlog\n...\n[ 657.469610] \u003cTASK\u003e\n[ 657.469738] ? die+0x36/0x90\n[ 657.469916] ? do_trap+0x1d0/0x270\n[ 657.470118] ? pskb_expand_head+0x612/0xf40\n[ 657.470376] ? pskb_expand_head+0x612/0xf40\n[ 657.470620] ? do_error_trap+0xa3/0x170\n[ 657.470846] ? pskb_expand_head+0x612/0xf40\n[ 657.471092] ? handle_invalid_op+0x2c/0x40\n[ 657.471335] ? pskb_expand_head+0x612/0xf40\n[ 657.471579] ? exc_invalid_op+0x2d/0x40\n[ 657.471805] ? asm_exc_invalid_op+0x1a/0x20\n[ 657.472052] ? pskb_expand_head+0xd1/0xf40\n[ 657.472292] ? pskb_expand_head+0x612/0xf40\n[ 657.472540] ? lock_acquire+0x18f/0x4e0\n[ 657.472766] ? find_held_lock+0x2d/0x110\n[ 657.472999] ? __pfx_pskb_expand_head+0x10/0x10\n[ 657.473263] ? __kmalloc_cache_noprof+0x5b/0x470\n[ 657.473537] ? __pfx___lock_release.isra.0+0x10/0x10\n[ 657.473826] __pskb_pull_tail+0xfd/0x1d20\n[ 657.474062] ? __kasan_slab_alloc+0x4e/0x90\n[ 657.474707] sk_psock_skb_ingress_enqueue+0x3bf/0x510\n[ 657.475392] ? __kasan_kmalloc+0xaa/0xb0\n[ 657.476010] sk_psock_backlog+0x5cf/0xd70\n[ 657.476637] process_one_work+0x858/0x1a20\n\u0027\u0027\u0027\n\nThe panic originates from the assertion BUG_ON(skb_shared(skb)) in\nskb_linearize(). A previous commit(see Fixes tag) introduced skb_get()\nto avoid race conditions between skb operations in the backlog and skb\nrelease in the recvmsg path. However, this caused the panic to always\noccur when skb_linearize is executed.\n\nThe \"--rx-strp 100000\" parameter forces the RX path to use the strparser\nmodule which aggregates data until it reaches 100KB before calling sockmap\nlogic. The 100KB payload exceeds MAX_MSG_FRAGS, triggering skb_linearize.\n\nTo fix this issue, just move skb_get into sk_psock_skb_ingress_enqueue.\n\n\u0027\u0027\u0027\nsk_psock_backlog:\n sk_psock_handle_skb\n skb_get(skb) \u003c== we move it into \u0027sk_psock_skb_ingress_enqueue\u0027\n sk_psock_skb_ingress____________\n v\n |\n | -\u003e sk_psock_skb_ingress_self\n | sk_psock_skb_ingress_enqueue\nsk_psock_verdict_apply_________________^ skb_linearize\n\u0027\u0027\u0027\n\nNote that for verdict_apply path, the skb_get operation is unnecessary so\nwe add \u0027take_ref\u0027 param to control it\u0027s behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38165",
"url": "https://www.suse.com/security/cve/CVE-2025-38165"
},
{
"category": "external",
"summary": "SUSE Bug 1245757 for CVE-2025-38165",
"url": "https://bugzilla.suse.com/1245757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38165"
},
{
"cve": "CVE-2025-38166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38166"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix ktls panic with sockmap\n\n[ 2172.936997] ------------[ cut here ]------------\n[ 2172.936999] kernel BUG at lib/iov_iter.c:629!\n......\n[ 2172.944996] PKRU: 55555554\n[ 2172.945155] Call Trace:\n[ 2172.945299] \u003cTASK\u003e\n[ 2172.945428] ? die+0x36/0x90\n[ 2172.945601] ? do_trap+0xdd/0x100\n[ 2172.945795] ? iov_iter_revert+0x178/0x180\n[ 2172.946031] ? iov_iter_revert+0x178/0x180\n[ 2172.946267] ? do_error_trap+0x7d/0x110\n[ 2172.946499] ? iov_iter_revert+0x178/0x180\n[ 2172.946736] ? exc_invalid_op+0x50/0x70\n[ 2172.946961] ? iov_iter_revert+0x178/0x180\n[ 2172.947197] ? asm_exc_invalid_op+0x1a/0x20\n[ 2172.947446] ? iov_iter_revert+0x178/0x180\n[ 2172.947683] ? iov_iter_revert+0x5c/0x180\n[ 2172.947913] tls_sw_sendmsg_locked.isra.0+0x794/0x840\n[ 2172.948206] tls_sw_sendmsg+0x52/0x80\n[ 2172.948420] ? inet_sendmsg+0x1f/0x70\n[ 2172.948634] __sys_sendto+0x1cd/0x200\n[ 2172.948848] ? find_held_lock+0x2b/0x80\n[ 2172.949072] ? syscall_trace_enter+0x140/0x270\n[ 2172.949330] ? __lock_release.isra.0+0x5e/0x170\n[ 2172.949595] ? find_held_lock+0x2b/0x80\n[ 2172.949817] ? syscall_trace_enter+0x140/0x270\n[ 2172.950211] ? lockdep_hardirqs_on_prepare+0xda/0x190\n[ 2172.950632] ? ktime_get_coarse_real_ts64+0xc2/0xd0\n[ 2172.951036] __x64_sys_sendto+0x24/0x30\n[ 2172.951382] do_syscall_64+0x90/0x170\n......\n\nAfter calling bpf_exec_tx_verdict(), the size of msg_pl-\u003esg may increase,\ne.g., when the BPF program executes bpf_msg_push_data().\n\nIf the BPF program sets cork_bytes and sg.size is smaller than cork_bytes,\nit will return -ENOSPC and attempt to roll back to the non-zero copy\nlogic. However, during rollback, msg-\u003emsg_iter is reset, but since\nmsg_pl-\u003esg.size has been increased, subsequent executions will exceed the\nactual size of msg_iter.\n\u0027\u0027\u0027\niov_iter_revert(\u0026msg-\u003emsg_iter, msg_pl-\u003esg.size - orig_size);\n\u0027\u0027\u0027\n\nThe changes in this commit are based on the following considerations:\n\n1. When cork_bytes is set, rolling back to non-zero copy logic is\npointless and can directly go to zero-copy logic.\n\n2. We can not calculate the correct number of bytes to revert msg_iter.\n\nAssume the original data is \"abcdefgh\" (8 bytes), and after 3 pushes\nby the BPF program, it becomes 11-byte data: \"abc?de?fgh?\".\nThen, we set cork_bytes to 6, which means the first 6 bytes have been\nprocessed, and the remaining 5 bytes \"?fgh?\" will be cached until the\nlength meets the cork_bytes requirement.\n\nHowever, some data in \"?fgh?\" is not within \u0027sg-\u003emsg_iter\u0027\n(but in msg_pl instead), especially the data \"?\" we pushed.\n\nSo it doesn\u0027t seem as simple as just reverting through an offset of\nmsg_iter.\n\n3. For non-TLS sockets in tcp_bpf_sendmsg, when a \"cork\" situation occurs,\nthe user-space send() doesn\u0027t return an error, and the returned length is\nthe same as the input length parameter, even if some data is cached.\n\nAdditionally, I saw that the current non-zero-copy logic for handling\ncorking is written as:\n\u0027\u0027\u0027\nline 1177\nelse if (ret != -EAGAIN) {\n\tif (ret == -ENOSPC)\n\t\tret = 0;\n\tgoto send_end;\n\u0027\u0027\u0027\n\nSo it\u0027s ok to just return \u0027copied\u0027 without error when a \"cork\" situation\noccurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38166",
"url": "https://www.suse.com/security/cve/CVE-2025-38166"
},
{
"category": "external",
"summary": "SUSE Bug 1245758 for CVE-2025-38166",
"url": "https://bugzilla.suse.com/1245758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38166"
},
{
"cve": "CVE-2025-38173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: marvell/cesa - Handle zero-length skcipher requests\n\nDo not access random memory for zero-length skcipher requests.\nJust return 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38173",
"url": "https://www.suse.com/security/cve/CVE-2025-38173"
},
{
"category": "external",
"summary": "SUSE Bug 1245769 for CVE-2025-38173",
"url": "https://bugzilla.suse.com/1245769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38173"
},
{
"cve": "CVE-2025-38174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38174"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Do not double dequeue a configuration request\n\nSome of our devices crash in tb_cfg_request_dequeue():\n\n general protection fault, probably for non-canonical address 0xdead000000000122\n\n CPU: 6 PID: 91007 Comm: kworker/6:2 Tainted: G U W 6.6.65\n RIP: 0010:tb_cfg_request_dequeue+0x2d/0xa0\n Call Trace:\n \u003cTASK\u003e\n ? tb_cfg_request_dequeue+0x2d/0xa0\n tb_cfg_request_work+0x33/0x80\n worker_thread+0x386/0x8f0\n kthread+0xed/0x110\n ret_from_fork+0x38/0x50\n ret_from_fork_asm+0x1b/0x30\n\nThe circumstances are unclear, however, the theory is that\ntb_cfg_request_work() can be scheduled twice for a request:\nfirst time via frame.callback from ring_work() and second\ntime from tb_cfg_request(). Both times kworkers will execute\ntb_cfg_request_dequeue(), which results in double list_del()\nfrom the ctl-\u003erequest_queue (the list poison deference hints\nat it: 0xdead000000000122).\n\nDo not dequeue requests that don\u0027t have TB_CFG_REQUEST_ACTIVE\nbit set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38174",
"url": "https://www.suse.com/security/cve/CVE-2025-38174"
},
{
"category": "external",
"summary": "SUSE Bug 1245781 for CVE-2025-38174",
"url": "https://bugzilla.suse.com/1245781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38174"
},
{
"cve": "CVE-2025-38177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: make hfsc_qlen_notify() idempotent\n\nhfsc_qlen_notify() is not idempotent either and not friendly\nto its callers, like fq_codel_dequeue(). Let\u0027s make it idempotent\nto ease qdisc_tree_reduce_backlog() callers\u0027 life:\n\n1. update_vf() decreases cl-\u003ecl_nactive, so we can check whether it is\nnon-zero before calling it.\n\n2. eltree_remove() always removes RB node cl-\u003eel_node, but we can use\n RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38177",
"url": "https://www.suse.com/security/cve/CVE-2025-38177"
},
{
"category": "external",
"summary": "SUSE Bug 1245986 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1245986"
},
{
"category": "external",
"summary": "SUSE Bug 1246356 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1246356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38177"
},
{
"cve": "CVE-2025-38180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38180"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: fix /proc/net/atm/lec handling\n\n/proc/net/atm/lec must ensure safety against dev_lec[] changes.\n\nIt appears it had dev_put() calls without prior dev_hold(),\nleading to imbalance and UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38180",
"url": "https://www.suse.com/security/cve/CVE-2025-38180"
},
{
"category": "external",
"summary": "SUSE Bug 1245970 for CVE-2025-38180",
"url": "https://bugzilla.suse.com/1245970"
},
{
"category": "external",
"summary": "SUSE Bug 1245971 for CVE-2025-38180",
"url": "https://bugzilla.suse.com/1245971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38180"
},
{
"cve": "CVE-2025-38181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: Fix null-ptr-deref in calipso_req_{set,del}attr().\n\nsyzkaller reported a null-ptr-deref in sock_omalloc() while allocating\na CALIPSO option. [0]\n\nThe NULL is of struct sock, which was fetched by sk_to_full_sk() in\ncalipso_req_setattr().\n\nSince commit a1a5344ddbe8 (\"tcp: avoid two atomic ops for syncookies\"),\nreqsk-\u003ersk_listener could be NULL when SYN Cookie is returned to its\nclient, as hinted by the leading SYN Cookie log.\n\nHere are 3 options to fix the bug:\n\n 1) Return 0 in calipso_req_setattr()\n 2) Return an error in calipso_req_setattr()\n 3) Alaways set rsk_listener\n\n1) is no go as it bypasses LSM, but 2) effectively disables SYN Cookie\nfor CALIPSO. 3) is also no go as there have been many efforts to reduce\natomic ops and make TCP robust against DDoS. See also commit 3b24d854cb35\n(\"tcp/dccp: do not touch listener sk_refcnt under synflood\").\n\nAs of the blamed commit, SYN Cookie already did not need refcounting,\nand no one has stumbled on the bug for 9 years, so no CALIPSO user will\ncare about SYN Cookie.\n\nLet\u0027s return an error in calipso_req_setattr() and calipso_req_delattr()\nin the SYN Cookie case.\n\nThis can be reproduced by [1] on Fedora and now connect() of nc times out.\n\n[0]:\nTCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\nCPU: 3 UID: 0 PID: 12262 Comm: syz.1.2611 Not tainted 6.14.0 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:read_pnet include/net/net_namespace.h:406 [inline]\nRIP: 0010:sock_net include/net/sock.h:655 [inline]\nRIP: 0010:sock_kmalloc+0x35/0x170 net/core/sock.c:2806\nCode: 89 d5 41 54 55 89 f5 53 48 89 fb e8 25 e3 c6 fd e8 f0 91 e3 00 48 8d 7b 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 26 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b\nRSP: 0018:ffff88811af89038 EFLAGS: 00010216\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888105266400\nRDX: 0000000000000006 RSI: ffff88800c890000 RDI: 0000000000000030\nRBP: 0000000000000050 R08: 0000000000000000 R09: ffff88810526640e\nR10: ffffed1020a4cc81 R11: ffff88810526640f R12: 0000000000000000\nR13: 0000000000000820 R14: ffff888105266400 R15: 0000000000000050\nFS: 00007f0653a07640(0000) GS:ffff88811af80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f863ba096f4 CR3: 00000000163c0005 CR4: 0000000000770ef0\nPKRU: 80000000\nCall Trace:\n \u003cIRQ\u003e\n ipv6_renew_options+0x279/0x950 net/ipv6/exthdrs.c:1288\n calipso_req_setattr+0x181/0x340 net/ipv6/calipso.c:1204\n calipso_req_setattr+0x56/0x80 net/netlabel/netlabel_calipso.c:597\n netlbl_req_setattr+0x18a/0x440 net/netlabel/netlabel_kapi.c:1249\n selinux_netlbl_inet_conn_request+0x1fb/0x320 security/selinux/netlabel.c:342\n selinux_inet_conn_request+0x1eb/0x2c0 security/selinux/hooks.c:5551\n security_inet_conn_request+0x50/0xa0 security/security.c:4945\n tcp_v6_route_req+0x22c/0x550 net/ipv6/tcp_ipv6.c:825\n tcp_conn_request+0xec8/0x2b70 net/ipv4/tcp_input.c:7275\n tcp_v6_conn_request+0x1e3/0x440 net/ipv6/tcp_ipv6.c:1328\n tcp_rcv_state_process+0xafa/0x52b0 net/ipv4/tcp_input.c:6781\n tcp_v6_do_rcv+0x8a6/0x1a40 net/ipv6/tcp_ipv6.c:1667\n tcp_v6_rcv+0x505e/0x5b50 net/ipv6/tcp_ipv6.c:1904\n ip6_protocol_deliver_rcu+0x17c/0x1da0 net/ipv6/ip6_input.c:436\n ip6_input_finish+0x103/0x180 net/ipv6/ip6_input.c:480\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n ip6_input+0x13c/0x6b0 net/ipv6/ip6_input.c:491\n dst_input include/net/dst.h:469 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n ip6_rcv_finish+0xb6/0x490 net/ipv6/ip6_input.c:69\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38181",
"url": "https://www.suse.com/security/cve/CVE-2025-38181"
},
{
"category": "external",
"summary": "SUSE Bug 1246000 for CVE-2025-38181",
"url": "https://bugzilla.suse.com/1246000"
},
{
"category": "external",
"summary": "SUSE Bug 1246001 for CVE-2025-38181",
"url": "https://bugzilla.suse.com/1246001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38181"
},
{
"cve": "CVE-2025-38182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38182"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nublk: santizize the arguments from userspace when adding a device\n\nSanity check the values for queue depth and number of queues\nwe get from userspace when adding a device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38182",
"url": "https://www.suse.com/security/cve/CVE-2025-38182"
},
{
"category": "external",
"summary": "SUSE Bug 1245937 for CVE-2025-38182",
"url": "https://bugzilla.suse.com/1245937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38182"
},
{
"cve": "CVE-2025-38183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get()\n\nBefore calling lan743x_ptp_io_event_clock_get(), the \u0027channel\u0027 value\nis checked against the maximum value of PCI11X1X_PTP_IO_MAX_CHANNELS(8).\nThis seems correct and aligns with the PTP interrupt status register\n(PTP_INT_STS) specifications.\n\nHowever, lan743x_ptp_io_event_clock_get() writes to ptp-\u003eextts[] with\nonly LAN743X_PTP_N_EXTTS(4) elements, using channel as an index:\n\n lan743x_ptp_io_event_clock_get(..., u8 channel,...)\n {\n ...\n /* Update Local timestamp */\n extts = \u0026ptp-\u003eextts[channel];\n extts-\u003ets.tv_sec = sec;\n ...\n }\n\nTo avoid an out-of-bounds write and utilize all the supported GPIO\ninputs, set LAN743X_PTP_N_EXTTS to 8.\n\nDetected using the static analysis tool - Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38183",
"url": "https://www.suse.com/security/cve/CVE-2025-38183"
},
{
"category": "external",
"summary": "SUSE Bug 1246006 for CVE-2025-38183",
"url": "https://bugzilla.suse.com/1246006"
},
{
"category": "external",
"summary": "SUSE Bug 1246007 for CVE-2025-38183",
"url": "https://bugzilla.suse.com/1246007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38183"
},
{
"cve": "CVE-2025-38187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix a use-after-free in r535_gsp_rpc_push()\n\nThe RPC container is released after being passed to r535_gsp_rpc_send().\n\nWhen sending the initial fragment of a large RPC and passing the\ncaller\u0027s RPC container, the container will be freed prematurely. Subsequent\nattempts to send remaining fragments will therefore result in a\nuse-after-free.\n\nAllocate a temporary RPC container for holding the initial fragment of a\nlarge RPC when sending. Free the caller\u0027s container when all fragments\nare successfully sent.\n\n[ Rebase onto Blackwell changes. - Danilo ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38187",
"url": "https://www.suse.com/security/cve/CVE-2025-38187"
},
{
"category": "external",
"summary": "SUSE Bug 1245951 for CVE-2025-38187",
"url": "https://bugzilla.suse.com/1245951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38187"
},
{
"cve": "CVE-2025-38188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a7xx: Call CP_RESET_CONTEXT_STATE\n\nCalling this packet is necessary when we switch contexts because there\nare various pieces of state used by userspace to synchronize between BR\nand BV that are persistent across submits and we need to make sure that\nthey are in a \"safe\" state when switching contexts. Otherwise a\nuserspace submission in one context could cause another context to\nfunction incorrectly and hang, effectively a denial of service (although\nwithout leaking data). This was missed during initial a7xx bringup.\n\nPatchwork: https://patchwork.freedesktop.org/patch/654924/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38188",
"url": "https://www.suse.com/security/cve/CVE-2025-38188"
},
{
"category": "external",
"summary": "SUSE Bug 1246098 for CVE-2025-38188",
"url": "https://bugzilla.suse.com/1246098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38188"
},
{
"cve": "CVE-2025-38192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38192"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: clear the dst when changing skb protocol\n\nA not-so-careful NAT46 BPF program can crash the kernel\nif it indiscriminately flips ingress packets from v4 to v6:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n ip6_rcv_core (net/ipv6/ip6_input.c:190:20)\n ipv6_rcv (net/ipv6/ip6_input.c:306:8)\n process_backlog (net/core/dev.c:6186:4)\n napi_poll (net/core/dev.c:6906:9)\n net_rx_action (net/core/dev.c:7028:13)\n do_softirq (kernel/softirq.c:462:3)\n netif_rx (net/core/dev.c:5326:3)\n dev_loopback_xmit (net/core/dev.c:4015:2)\n ip_mc_finish_output (net/ipv4/ip_output.c:363:8)\n NF_HOOK (./include/linux/netfilter.h:314:9)\n ip_mc_output (net/ipv4/ip_output.c:400:5)\n dst_output (./include/net/dst.h:459:9)\n ip_local_out (net/ipv4/ip_output.c:130:9)\n ip_send_skb (net/ipv4/ip_output.c:1496:8)\n udp_send_skb (net/ipv4/udp.c:1040:8)\n udp_sendmsg (net/ipv4/udp.c:1328:10)\n\nThe output interface has a 4-\u003e6 program attached at ingress.\nWe try to loop the multicast skb back to the sending socket.\nIngress BPF runs as part of netif_rx(), pushes a valid v6 hdr\nand changes skb-\u003eprotocol to v6. We enter ip6_rcv_core which\ntries to use skb_dst(). But the dst is still an IPv4 one left\nafter IPv4 mcast output.\n\nClear the dst in all BPF helpers which change the protocol.\nTry to preserve metadata dsts, those may carry non-routing\nmetadata.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38192",
"url": "https://www.suse.com/security/cve/CVE-2025-38192"
},
{
"category": "external",
"summary": "SUSE Bug 1245954 for CVE-2025-38192",
"url": "https://bugzilla.suse.com/1245954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38192"
},
{
"cve": "CVE-2025-38193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38193"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: reject invalid perturb period\n\nGerrard Tai reported that SFQ perturb_period has no range check yet,\nand this can be used to trigger a race condition fixed in a separate patch.\n\nWe want to make sure ctl-\u003eperturb_period * HZ will not overflow\nand is positive.\n\n\ntc qd add dev lo root sfq perturb -10 # negative value : error\nError: sch_sfq: invalid perturb period.\n\ntc qd add dev lo root sfq perturb 1000000000 # too big : error\nError: sch_sfq: invalid perturb period.\n\ntc qd add dev lo root sfq perturb 2000000 # acceptable value\ntc -s -d qd sh dev lo\nqdisc sfq 8005: root refcnt 2 limit 127p quantum 64Kb depth 127 flows 128 divisor 1024 perturb 2000000sec\n Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38193",
"url": "https://www.suse.com/security/cve/CVE-2025-38193"
},
{
"category": "external",
"summary": "SUSE Bug 1245945 for CVE-2025-38193",
"url": "https://bugzilla.suse.com/1245945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38193"
},
{
"cve": "CVE-2025-38194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38194"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: check that raw node were preallocated before writing summary\n\nSyzkaller detected a kernel bug in jffs2_link_node_ref, caused by fault\ninjection in jffs2_prealloc_raw_node_refs. jffs2_sum_write_sumnode doesn\u0027t\ncheck return value of jffs2_prealloc_raw_node_refs and simply lets any\nerror propagate into jffs2_sum_write_data, which eventually calls\njffs2_link_node_ref in order to link the summary to an expectedly allocated\nnode.\n\nkernel BUG at fs/jffs2/nodelist.c:592!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 31277 Comm: syz-executor.7 Not tainted 6.1.128-syzkaller-00139-ge10f83ca10a1 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:jffs2_link_node_ref+0x570/0x690 fs/jffs2/nodelist.c:592\nCall Trace:\n \u003cTASK\u003e\n jffs2_sum_write_data fs/jffs2/summary.c:841 [inline]\n jffs2_sum_write_sumnode+0xd1a/0x1da0 fs/jffs2/summary.c:874\n jffs2_do_reserve_space+0xa18/0xd60 fs/jffs2/nodemgmt.c:388\n jffs2_reserve_space+0x55f/0xaa0 fs/jffs2/nodemgmt.c:197\n jffs2_write_inode_range+0x246/0xb50 fs/jffs2/write.c:362\n jffs2_write_end+0x726/0x15d0 fs/jffs2/file.c:301\n generic_perform_write+0x314/0x5d0 mm/filemap.c:3856\n __generic_file_write_iter+0x2ae/0x4d0 mm/filemap.c:3973\n generic_file_write_iter+0xe3/0x350 mm/filemap.c:4005\n call_write_iter include/linux/fs.h:2265 [inline]\n do_iter_readv_writev+0x20f/0x3c0 fs/read_write.c:735\n do_iter_write+0x186/0x710 fs/read_write.c:861\n vfs_iter_write+0x70/0xa0 fs/read_write.c:902\n iter_file_splice_write+0x73b/0xc90 fs/splice.c:685\n do_splice_from fs/splice.c:763 [inline]\n direct_splice_actor+0x10c/0x170 fs/splice.c:950\n splice_direct_to_actor+0x337/0xa10 fs/splice.c:896\n do_splice_direct+0x1a9/0x280 fs/splice.c:1002\n do_sendfile+0xb13/0x12c0 fs/read_write.c:1255\n __do_sys_sendfile64 fs/read_write.c:1323 [inline]\n __se_sys_sendfile64 fs/read_write.c:1309 [inline]\n __x64_sys_sendfile64+0x1cf/0x210 fs/read_write.c:1309\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nFix this issue by checking return value of jffs2_prealloc_raw_node_refs\nbefore calling jffs2_sum_write_data.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38194",
"url": "https://www.suse.com/security/cve/CVE-2025-38194"
},
{
"category": "external",
"summary": "SUSE Bug 1245957 for CVE-2025-38194",
"url": "https://bugzilla.suse.com/1245957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38194"
},
{
"cve": "CVE-2025-38197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell_rbu: Fix list usage\n\nPass the correct list head to list_for_each_entry*() when looping through\nthe packet list.\n\nWithout this patch, reading the packet data via sysfs will show the data\nincorrectly (because it starts at the wrong packet), and clearing the\npacket list will result in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38197",
"url": "https://www.suse.com/security/cve/CVE-2025-38197"
},
{
"category": "external",
"summary": "SUSE Bug 1246047 for CVE-2025-38197",
"url": "https://bugzilla.suse.com/1246047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38197"
},
{
"cve": "CVE-2025-38198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbcon: Make sure modelist not set on unregistered console\n\nIt looks like attempting to write to the \"store_modes\" sysfs node will\nrun afoul of unregistered consoles:\n\nUBSAN: array-index-out-of-bounds in drivers/video/fbdev/core/fbcon.c:122:28\nindex -1 is out of range for type \u0027fb_info *[32]\u0027\n...\n fbcon_info_from_console+0x192/0x1a0 drivers/video/fbdev/core/fbcon.c:122\n fbcon_new_modelist+0xbf/0x2d0 drivers/video/fbdev/core/fbcon.c:3048\n fb_new_modelist+0x328/0x440 drivers/video/fbdev/core/fbmem.c:673\n store_modes+0x1c9/0x3e0 drivers/video/fbdev/core/fbsysfs.c:113\n dev_attr_store+0x55/0x80 drivers/base/core.c:2439\n\nstatic struct fb_info *fbcon_registered_fb[FB_MAX];\n...\nstatic signed char con2fb_map[MAX_NR_CONSOLES];\n...\nstatic struct fb_info *fbcon_info_from_console(int console)\n...\n return fbcon_registered_fb[con2fb_map[console]];\n\nIf con2fb_map contains a -1 things go wrong here. Instead, return NULL,\nas callers of fbcon_info_from_console() are trying to compare against\nexisting \"info\" pointers, so error handling should kick in correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38198",
"url": "https://www.suse.com/security/cve/CVE-2025-38198"
},
{
"category": "external",
"summary": "SUSE Bug 1245952 for CVE-2025-38198",
"url": "https://bugzilla.suse.com/1245952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38198"
},
{
"cve": "CVE-2025-38200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix MMIO write access to an invalid page in i40e_clear_hw\n\nWhen the device sends a specific input, an integer underflow can occur, leading\nto MMIO write access to an invalid page.\n\nPrevent the integer underflow by changing the type of related variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38200",
"url": "https://www.suse.com/security/cve/CVE-2025-38200"
},
{
"category": "external",
"summary": "SUSE Bug 1246045 for CVE-2025-38200",
"url": "https://bugzilla.suse.com/1246045"
},
{
"category": "external",
"summary": "SUSE Bug 1246046 for CVE-2025-38200",
"url": "https://bugzilla.suse.com/1246046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38200"
},
{
"cve": "CVE-2025-38202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()\n\nbpf_map_lookup_percpu_elem() helper is also available for sleepable bpf\nprogram. When BPF JIT is disabled or under 32-bit host,\nbpf_map_lookup_percpu_elem() will not be inlined. Using it in a\nsleepable bpf program will trigger the warning in\nbpf_map_lookup_percpu_elem(), because the bpf program only holds\nrcu_read_lock_trace lock. Therefore, add the missed check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38202",
"url": "https://www.suse.com/security/cve/CVE-2025-38202"
},
{
"category": "external",
"summary": "SUSE Bug 1245980 for CVE-2025-38202",
"url": "https://bugzilla.suse.com/1245980"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38202"
},
{
"cve": "CVE-2025-38203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38203"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix null-ptr-deref in jfs_ioc_trim\n\n[ Syzkaller Report ]\n\nOops: general protection fault, probably for non-canonical address\n0xdffffc0000000087: 0000 [#1\nKASAN: null-ptr-deref in range [0x0000000000000438-0x000000000000043f]\nCPU: 2 UID: 0 PID: 10614 Comm: syz-executor.0 Not tainted\n6.13.0-rc6-gfbfd64d25c7a-dirty #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nSched_ext: serialise (enabled+all), task: runnable_at=-30ms\nRIP: 0010:jfs_ioc_trim+0x34b/0x8f0\nCode: e7 e8 59 a4 87 fe 4d 8b 24 24 4d 8d bc 24 38 04 00 00 48 8d 93\n90 82 fe ff 4c 89 ff 31 f6\nRSP: 0018:ffffc900055f7cd0 EFLAGS: 00010206\nRAX: 0000000000000087 RBX: 00005866a9e67ff8 RCX: 000000000000000a\nRDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000001\nRBP: dffffc0000000000 R08: ffff88807c180003 R09: 1ffff1100f830000\nR10: dffffc0000000000 R11: ffffed100f830001 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000438\nFS: 00007fe520225640(0000) GS:ffff8880b7e80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005593c91b2c88 CR3: 000000014927c000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __die_body+0x61/0xb0\n? die_addr+0xb1/0xe0\n? exc_general_protection+0x333/0x510\n? asm_exc_general_protection+0x26/0x30\n? jfs_ioc_trim+0x34b/0x8f0\njfs_ioctl+0x3c8/0x4f0\n? __pfx_jfs_ioctl+0x10/0x10\n? __pfx_jfs_ioctl+0x10/0x10\n__se_sys_ioctl+0x269/0x350\n? __pfx___se_sys_ioctl+0x10/0x10\n? do_syscall_64+0xfb/0x210\ndo_syscall_64+0xee/0x210\n? syscall_exit_to_user_mode+0x1e0/0x330\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe51f4903ad\nCode: c3 e8 a7 2b 00 00 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 89 f8 48\n89 f7 48 89 d6 48 89 ca 4d\nRSP: 002b:00007fe5202250c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fe51f5cbf80 RCX: 00007fe51f4903ad\nRDX: 0000000020000680 RSI: 00000000c0185879 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe520225640\nR13: 000000000000000e R14: 00007fe51f44fca0 R15: 00007fe52021d000\n\u003c/TASK\u003e\nModules linked in:\n---[ end trace 0000000000000000 ]---\nRIP: 0010:jfs_ioc_trim+0x34b/0x8f0\nCode: e7 e8 59 a4 87 fe 4d 8b 24 24 4d 8d bc 24 38 04 00 00 48 8d 93\n90 82 fe ff 4c 89 ff 31 f6\nRSP: 0018:ffffc900055f7cd0 EFLAGS: 00010206\nRAX: 0000000000000087 RBX: 00005866a9e67ff8 RCX: 000000000000000a\nRDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000001\nRBP: dffffc0000000000 R08: ffff88807c180003 R09: 1ffff1100f830000\nR10: dffffc0000000000 R11: ffffed100f830001 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000438\nFS: 00007fe520225640(0000) GS:ffff8880b7e80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005593c91b2c88 CR3: 000000014927c000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nKernel panic - not syncing: Fatal exception\n\n[ Analysis ]\n\nWe believe that we have found a concurrency bug in the `fs/jfs` module\nthat results in a null pointer dereference. There is a closely related\nissue which has been fixed:\n\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6c1b3599b2feb5c7291f5ac3a36e5fa7cedb234\n\n... but, unfortunately, the accepted patch appears to still be\nsusceptible to a null pointer dereference under some interleavings.\n\nTo trigger the bug, we think that `JFS_SBI(ipbmap-\u003ei_sb)-\u003ebmap` is set\nto NULL in `dbFreeBits` and then dereferenced in `jfs_ioc_trim`. This\nbug manifests quite rarely under normal circumstances, but is\ntriggereable from a syz-program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38203",
"url": "https://www.suse.com/security/cve/CVE-2025-38203"
},
{
"category": "external",
"summary": "SUSE Bug 1246044 for CVE-2025-38203",
"url": "https://bugzilla.suse.com/1246044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38203"
},
{
"cve": "CVE-2025-38204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds read in add_missing_indices\n\nstbl is s8 but it must contain offsets into slot which can go from 0 to\n127.\n\nAdded a bound check for that error and return -EIO if the check fails.\nAlso make jfs_readdir return with error if add_missing_indices returns\nwith an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38204",
"url": "https://www.suse.com/security/cve/CVE-2025-38204"
},
{
"category": "external",
"summary": "SUSE Bug 1245983 for CVE-2025-38204",
"url": "https://bugzilla.suse.com/1245983"
},
{
"category": "external",
"summary": "SUSE Bug 1245984 for CVE-2025-38204",
"url": "https://bugzilla.suse.com/1245984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38204"
},
{
"cve": "CVE-2025-38206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix double free in delayed_free\n\nThe double free could happen in the following path.\n\nexfat_create_upcase_table()\n exfat_create_upcase_table() : return error\n exfat_free_upcase_table() : free -\u003evol_utbl\n exfat_load_default_upcase_table : return error\n exfat_kill_sb()\n delayed_free()\n exfat_free_upcase_table() \u003c--------- double free\nThis patch set -\u003evol_util as NULL after freeing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38206",
"url": "https://www.suse.com/security/cve/CVE-2025-38206"
},
{
"category": "external",
"summary": "SUSE Bug 1246073 for CVE-2025-38206",
"url": "https://bugzilla.suse.com/1246073"
},
{
"category": "external",
"summary": "SUSE Bug 1246075 for CVE-2025-38206",
"url": "https://bugzilla.suse.com/1246075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38206"
},
{
"cve": "CVE-2025-38210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38210"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nconfigfs-tsm-report: Fix NULL dereference of tsm_ops\n\nUnlike sysfs, the lifetime of configfs objects is controlled by\nuserspace. There is no mechanism for the kernel to find and delete all\ncreated config-items. Instead, the configfs-tsm-report mechanism has an\nexpectation that tsm_unregister() can happen at any time and cause\nestablished config-item access to start failing.\n\nThat expectation is not fully satisfied. While tsm_report_read(),\ntsm_report_{is,is_bin}_visible(), and tsm_report_make_item() safely fail\nif tsm_ops have been unregistered, tsm_report_privlevel_store()\ntsm_report_provider_show() fail to check for ops registration. Add the\nmissing checks for tsm_ops having been removed.\n\nNow, in supporting the ability for tsm_unregister() to always succeed,\nit leaves the problem of what to do with lingering config-items. The\nexpectation is that the admin that arranges for the -\u003eremove() (unbind)\nof the ${tsm_arch}-guest driver is also responsible for deletion of all\nopen config-items. Until that deletion happens, -\u003eprobe() (reload /\nbind) of the ${tsm_arch}-guest driver fails.\n\nThis allows for emergency shutdown / revocation of attestation\ninterfaces, and requires coordinated restart.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38210",
"url": "https://www.suse.com/security/cve/CVE-2025-38210"
},
{
"category": "external",
"summary": "SUSE Bug 1246020 for CVE-2025-38210",
"url": "https://bugzilla.suse.com/1246020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38210"
},
{
"cve": "CVE-2025-38211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix use-after-free of work objects after cm_id destruction\n\nThe commit 59c68ac31e15 (\"iw_cm: free cm_id resources on the last\nderef\") simplified cm_id resource management by freeing cm_id once all\nreferences to the cm_id were removed. The references are removed either\nupon completion of iw_cm event handlers or when the application destroys\nthe cm_id. This commit introduced the use-after-free condition where\ncm_id_private object could still be in use by event handler works during\nthe destruction of cm_id. The commit aee2424246f9 (\"RDMA/iwcm: Fix a\nuse-after-free related to destroying CM IDs\") addressed this use-after-\nfree by flushing all pending works at the cm_id destruction.\n\nHowever, still another use-after-free possibility remained. It happens\nwith the work objects allocated for each cm_id_priv within\nalloc_work_entries() during cm_id creation, and subsequently freed in\ndealloc_work_entries() once all references to the cm_id are removed.\nIf the cm_id\u0027s last reference is decremented in the event handler work,\nthe work object for the work itself gets removed, and causes the use-\nafter-free BUG below:\n\n BUG: KASAN: slab-use-after-free in __pwq_activate_work+0x1ff/0x250\n Read of size 8 at addr ffff88811f9cf800 by task kworker/u16:1/147091\n\n CPU: 2 UID: 0 PID: 147091 Comm: kworker/u16:1 Not tainted 6.15.0-rc2+ #27 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n Workqueue: 0x0 (iw_cm_wq)\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6a/0x90\n print_report+0x174/0x554\n ? __virt_addr_valid+0x208/0x430\n ? __pwq_activate_work+0x1ff/0x250\n kasan_report+0xae/0x170\n ? __pwq_activate_work+0x1ff/0x250\n __pwq_activate_work+0x1ff/0x250\n pwq_dec_nr_in_flight+0x8c5/0xfb0\n process_one_work+0xc11/0x1460\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x16c/0x240\n worker_thread+0x5ef/0xfd0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x3b0/0x770\n ? __pfx_kthread+0x10/0x10\n ? rcu_is_watching+0x11/0xb0\n ? _raw_spin_unlock_irq+0x24/0x50\n ? rcu_is_watching+0x11/0xb0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x30/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 147416:\n kasan_save_stack+0x2c/0x50\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0xa6/0xb0\n alloc_work_entries+0xa9/0x260 [iw_cm]\n iw_cm_connect+0x23/0x4a0 [iw_cm]\n rdma_connect_locked+0xbfd/0x1920 [rdma_cm]\n nvme_rdma_cm_handler+0x8e5/0x1b60 [nvme_rdma]\n cma_cm_event_handler+0xae/0x320 [rdma_cm]\n cma_work_handler+0x106/0x1b0 [rdma_cm]\n process_one_work+0x84f/0x1460\n worker_thread+0x5ef/0xfd0\n kthread+0x3b0/0x770\n ret_from_fork+0x30/0x70\n ret_from_fork_asm+0x1a/0x30\n\n Freed by task 147091:\n kasan_save_stack+0x2c/0x50\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kfree+0x13a/0x4b0\n dealloc_work_entries+0x125/0x1f0 [iw_cm]\n iwcm_deref_id+0x6f/0xa0 [iw_cm]\n cm_work_handler+0x136/0x1ba0 [iw_cm]\n process_one_work+0x84f/0x1460\n worker_thread+0x5ef/0xfd0\n kthread+0x3b0/0x770\n ret_from_fork+0x30/0x70\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x2c/0x50\n kasan_record_aux_stack+0xa3/0xb0\n __queue_work+0x2ff/0x1390\n queue_work_on+0x67/0xc0\n cm_event_handler+0x46a/0x820 [iw_cm]\n siw_cm_upcall+0x330/0x650 [siw]\n siw_cm_work_handler+0x6b9/0x2b20 [siw]\n process_one_work+0x84f/0x1460\n worker_thread+0x5ef/0xfd0\n kthread+0x3b0/0x770\n ret_from_fork+0x30/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThis BUG is reproducible by repeating the blktests test case nvme/061\nfor the rdma transport and the siw driver.\n\nTo avoid the use-after-free of cm_id_private work objects, ensure that\nthe last reference to the cm_id is decremented not in the event handler\nworks, but in the cm_id destruction context. For that purpose, mo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38211",
"url": "https://www.suse.com/security/cve/CVE-2025-38211"
},
{
"category": "external",
"summary": "SUSE Bug 1246008 for CVE-2025-38211",
"url": "https://bugzilla.suse.com/1246008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38211"
},
{
"cve": "CVE-2025-38212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipc: fix to protect IPCS lookups using RCU\n\nsyzbot reported that it discovered a use-after-free vulnerability, [0]\n\n[0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/\n\nidr_for_each() is protected by rwsem, but this is not enough. If it is\nnot protected by RCU read-critical region, when idr_for_each() calls\nradix_tree_node_free() through call_rcu() to free the radix_tree_node\nstructure, the node will be freed immediately, and when reading the next\nnode in radix_tree_for_each_slot(), the already freed memory may be read.\n\nTherefore, we need to add code to make sure that idr_for_each() is\nprotected within the RCU read-critical region when we call it in\nshm_destroy_orphaned().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38212",
"url": "https://www.suse.com/security/cve/CVE-2025-38212"
},
{
"category": "external",
"summary": "SUSE Bug 1246029 for CVE-2025-38212",
"url": "https://bugzilla.suse.com/1246029"
},
{
"category": "external",
"summary": "SUSE Bug 1246030 for CVE-2025-38212",
"url": "https://bugzilla.suse.com/1246030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38212"
},
{
"cve": "CVE-2025-38213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38213"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38213",
"url": "https://www.suse.com/security/cve/CVE-2025-38213"
},
{
"category": "external",
"summary": "SUSE Bug 1246037 for CVE-2025-38213",
"url": "https://bugzilla.suse.com/1246037"
},
{
"category": "external",
"summary": "SUSE Bug 1246039 for CVE-2025-38213",
"url": "https://bugzilla.suse.com/1246039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38213"
},
{
"cve": "CVE-2025-38214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38214"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var\n\nIf fb_add_videomode() in fb_set_var() fails to allocate memory for\nfb_videomode, later it may lead to a null-ptr dereference in\nfb_videomode_to_var(), as the fb_info is registered while not having the\nmode in modelist that is expected to be there, i.e. the one that is\ndescribed in fb_info-\u003evar.\n\n================================================================\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901\nCall Trace:\n display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929\n fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071\n resize_screen drivers/tty/vt/vt.c:1176 [inline]\n vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263\n fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720\n fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776\n do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128\n fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl fs/ioctl.c:739 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n================================================================\n\nThe reason is that fb_info-\u003evar is being modified in fb_set_var(), and\nthen fb_videomode_to_var() is called. If it fails to add the mode to\nfb_info-\u003emodelist, fb_set_var() returns error, but does not restore the\nold value of fb_info-\u003evar. Restore fb_info-\u003evar on failure the same way\nit is done earlier in the function.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38214",
"url": "https://www.suse.com/security/cve/CVE-2025-38214"
},
{
"category": "external",
"summary": "SUSE Bug 1246042 for CVE-2025-38214",
"url": "https://bugzilla.suse.com/1246042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38214"
},
{
"cve": "CVE-2025-38215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\n\nIf fb_add_videomode() in do_register_framebuffer() fails to allocate\nmemory for fb_videomode, it will later lead to a null-ptr dereference in\nfb_videomode_to_var(), as the fb_info is registered while not having the\nmode in modelist that is expected to be there, i.e. the one that is\ndescribed in fb_info-\u003evar.\n\n================================================================\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901\nCall Trace:\n display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929\n fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071\n resize_screen drivers/tty/vt/vt.c:1176 [inline]\n vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263\n fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720\n fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776\n do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128\n fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203\n vfs_ioctl fs/ioctl.c:48 [inline]\n __do_sys_ioctl fs/ioctl.c:753 [inline]\n __se_sys_ioctl fs/ioctl.c:739 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n================================================================\n\nEven though fbcon_init() checks beforehand if fb_match_mode() in\nvar_to_display() fails, it can not prevent the panic because fbcon_init()\ndoes not return error code. Considering this and the comment in the code\nabout fb_match_mode() returning NULL - \"This should not happen\" - it is\nbetter to prevent registering the fb_info if its mode was not set\nsuccessfully. Also move fb_add_videomode() closer to the beginning of\ndo_register_framebuffer() to avoid having to do the cleanup on fail.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38215",
"url": "https://www.suse.com/security/cve/CVE-2025-38215"
},
{
"category": "external",
"summary": "SUSE Bug 1246109 for CVE-2025-38215",
"url": "https://bugzilla.suse.com/1246109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38215"
},
{
"cve": "CVE-2025-38217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (ftsteutates) Fix TOCTOU race in fts_read()\n\nIn the fts_read() function, when handling hwmon_pwm_auto_channels_temp,\nthe code accesses the shared variable data-\u003efan_source[channel] twice\nwithout holding any locks. It is first checked against\nFTS_FAN_SOURCE_INVALID, and if the check passes, it is read again\nwhen used as an argument to the BIT() macro.\n\nThis creates a Time-of-Check to Time-of-Use (TOCTOU) race condition.\nAnother thread executing fts_update_device() can modify the value of\ndata-\u003efan_source[channel] between the check and its use. If the value\nis changed to FTS_FAN_SOURCE_INVALID (0xff) during this window, the\nBIT() macro will be called with a large shift value (BIT(255)).\nA bit shift by a value greater than or equal to the type width is\nundefined behavior and can lead to a crash or incorrect values being\nreturned to userspace.\n\nFix this by reading data-\u003efan_source[channel] into a local variable\nonce, eliminating the race condition. Additionally, add a bounds check\nto ensure the value is less than BITS_PER_LONG before passing it to\nthe BIT() macro, making the code more robust against undefined behavior.\n\nThis possible bug was found by an experimental static analysis tool\ndeveloped by our team.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38217",
"url": "https://www.suse.com/security/cve/CVE-2025-38217"
},
{
"category": "external",
"summary": "SUSE Bug 1246002 for CVE-2025-38217",
"url": "https://bugzilla.suse.com/1246002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38217"
},
{
"cve": "CVE-2025-38220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38220"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: only dirty folios when data journaling regular files\n\nfstest generic/388 occasionally reproduces a crash that looks as\nfollows:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nCall Trace:\n \u003cTASK\u003e\n ext4_block_zero_page_range+0x30c/0x380 [ext4]\n ext4_truncate+0x436/0x440 [ext4]\n ext4_process_orphan+0x5d/0x110 [ext4]\n ext4_orphan_cleanup+0x124/0x4f0 [ext4]\n ext4_fill_super+0x262d/0x3110 [ext4]\n get_tree_bdev_flags+0x132/0x1d0\n vfs_get_tree+0x26/0xd0\n vfs_cmd_create+0x59/0xe0\n __do_sys_fsconfig+0x4ed/0x6b0\n do_syscall_64+0x82/0x170\n ...\n\nThis occurs when processing a symlink inode from the orphan list. The\npartial block zeroing code in the truncate path calls\next4_dirty_journalled_data() -\u003e folio_mark_dirty(). The latter calls\nmapping-\u003ea_ops-\u003edirty_folio(), but symlink inodes are not assigned an\na_ops vector in ext4, hence the crash.\n\nTo avoid this problem, update the ext4_dirty_journalled_data() helper to\nonly mark the folio dirty on regular files (for which a_ops is\nassigned). This also matches the journaling logic in the ext4_symlink()\ncreation path, where ext4_handle_dirty_metadata() is called directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38220",
"url": "https://www.suse.com/security/cve/CVE-2025-38220"
},
{
"category": "external",
"summary": "SUSE Bug 1245966 for CVE-2025-38220",
"url": "https://bugzilla.suse.com/1245966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38220"
},
{
"cve": "CVE-2025-38222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38222"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: inline: fix len overflow in ext4_prepare_inline_data\n\nWhen running the following code on an ext4 filesystem with inline_data\nfeature enabled, it will lead to the bug below.\n\n fd = open(\"file1\", O_RDWR | O_CREAT | O_TRUNC, 0666);\n ftruncate(fd, 30);\n pwrite(fd, \"a\", 1, (1UL \u003c\u003c 40) + 5UL);\n\nThat happens because write_begin will succeed as when\next4_generic_write_inline_data calls ext4_prepare_inline_data, pos + len\nwill be truncated, leading to ext4_prepare_inline_data parameter to be 6\ninstead of 0x10000000006.\n\nThen, later when write_end is called, we hit:\n\n BUG_ON(pos + len \u003e EXT4_I(inode)-\u003ei_inline_size);\n\nat ext4_write_inline_data.\n\nFix it by using a loff_t type for the len parameter in\next4_prepare_inline_data instead of an unsigned int.\n\n[ 44.545164] ------------[ cut here ]------------\n[ 44.545530] kernel BUG at fs/ext4/inline.c:240!\n[ 44.545834] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 44.546172] CPU: 3 UID: 0 PID: 343 Comm: test Not tainted 6.15.0-rc2-00003-g9080916f4863 #45 PREEMPT(full) 112853fcebfdb93254270a7959841d2c6aa2c8bb\n[ 44.546523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 44.546523] RIP: 0010:ext4_write_inline_data+0xfe/0x100\n[ 44.546523] Code: 3c 0e 48 83 c7 48 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 e4 fa 43 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 0b \u003c0f\u003e 0b 0f 1f 44 00 00 55 41 57 41 56 41 55 41 54 53 48 83 ec 20 49\n[ 44.546523] RSP: 0018:ffffb342008b79a8 EFLAGS: 00010216\n[ 44.546523] RAX: 0000000000000001 RBX: ffff9329c579c000 RCX: 0000010000000006\n[ 44.546523] RDX: 000000000000003c RSI: ffffb342008b79f0 RDI: ffff9329c158e738\n[ 44.546523] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[ 44.546523] R10: 00007ffffffff000 R11: ffffffff9bd0d910 R12: 0000006210000000\n[ 44.546523] R13: fffffc7e4015e700 R14: 0000010000000005 R15: ffff9329c158e738\n[ 44.546523] FS: 00007f4299934740(0000) GS:ffff932a60179000(0000) knlGS:0000000000000000\n[ 44.546523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 44.546523] CR2: 00007f4299a1ec90 CR3: 0000000002886002 CR4: 0000000000770eb0\n[ 44.546523] PKRU: 55555554\n[ 44.546523] Call Trace:\n[ 44.546523] \u003cTASK\u003e\n[ 44.546523] ext4_write_inline_data_end+0x126/0x2d0\n[ 44.546523] generic_perform_write+0x17e/0x270\n[ 44.546523] ext4_buffered_write_iter+0xc8/0x170\n[ 44.546523] vfs_write+0x2be/0x3e0\n[ 44.546523] __x64_sys_pwrite64+0x6d/0xc0\n[ 44.546523] do_syscall_64+0x6a/0xf0\n[ 44.546523] ? __wake_up+0x89/0xb0\n[ 44.546523] ? xas_find+0x72/0x1c0\n[ 44.546523] ? next_uptodate_folio+0x317/0x330\n[ 44.546523] ? set_pte_range+0x1a6/0x270\n[ 44.546523] ? filemap_map_pages+0x6ee/0x840\n[ 44.546523] ? ext4_setattr+0x2fa/0x750\n[ 44.546523] ? do_pte_missing+0x128/0xf70\n[ 44.546523] ? security_inode_post_setattr+0x3e/0xd0\n[ 44.546523] ? ___pte_offset_map+0x19/0x100\n[ 44.546523] ? handle_mm_fault+0x721/0xa10\n[ 44.546523] ? do_user_addr_fault+0x197/0x730\n[ 44.546523] ? do_syscall_64+0x76/0xf0\n[ 44.546523] ? arch_exit_to_user_mode_prepare+0x1e/0x60\n[ 44.546523] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 44.546523] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 44.546523] RIP: 0033:0x7f42999c6687\n[ 44.546523] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff\n[ 44.546523] RSP: 002b:00007ffeae4a7930 EFLAGS: 00000202 ORIG_RAX: 0000000000000012\n[ 44.546523] RAX: ffffffffffffffda RBX: 00007f4299934740 RCX: 00007f42999c6687\n[ 44.546523] RDX: 0000000000000001 RSI: 000055ea6149200f RDI: 0000000000000003\n[ 44.546523] RBP: 00007ffeae4a79a0 R08: 0000000000000000 R09: 0000000000000000\n[ 44.546523] R10: 0000010000000005 R11: 0000000000000202 R12: 0000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38222",
"url": "https://www.suse.com/security/cve/CVE-2025-38222"
},
{
"category": "external",
"summary": "SUSE Bug 1245976 for CVE-2025-38222",
"url": "https://bugzilla.suse.com/1245976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38222"
},
{
"cve": "CVE-2025-38225",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38225"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Cleanup after an allocation error\n\nWhen allocation failures are not cleaned up by the driver, further\nallocation errors will be false-positives, which will cause buffers to\nremain uninitialized and cause NULL pointer dereferences.\nEnsure proper cleanup of failed allocations to prevent these issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38225",
"url": "https://www.suse.com/security/cve/CVE-2025-38225"
},
{
"category": "external",
"summary": "SUSE Bug 1246041 for CVE-2025-38225",
"url": "https://bugzilla.suse.com/1246041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38225"
},
{
"cve": "CVE-2025-38226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vivid: Change the siize of the composing\n\nsyzkaller found a bug:\n\nBUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 [inline]\nBUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_buffer+0x1a9c/0x5af0 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2705\nWrite of size 1440 at addr ffffc9000d0ffda0 by task vivid-000-vid-c/5304\n\nCPU: 0 UID: 0 PID: 5304 Comm: vivid-000-vid-c Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n tpg_fill_plane_pattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 [inline]\n tpg_fill_plane_buffer+0x1a9c/0x5af0 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2705\n vivid_fillbuff drivers/media/test-drivers/vivid/vivid-kthread-cap.c:470 [inline]\n vivid_thread_vid_cap_tick+0xf8e/0x60d0 drivers/media/test-drivers/vivid/vivid-kthread-cap.c:629\n vivid_thread_vid_cap+0x8aa/0xf30 drivers/media/test-drivers/vivid/vivid-kthread-cap.c:767\n kthread+0x7a9/0x920 kernel/kthread.c:464\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe composition size cannot be larger than the size of fmt_cap_rect.\nSo execute v4l2_rect_map_inside() even if has_compose_cap == 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38226",
"url": "https://www.suse.com/security/cve/CVE-2025-38226"
},
{
"category": "external",
"summary": "SUSE Bug 1246050 for CVE-2025-38226",
"url": "https://bugzilla.suse.com/1246050"
},
{
"category": "external",
"summary": "SUSE Bug 1246051 for CVE-2025-38226",
"url": "https://bugzilla.suse.com/1246051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38226"
},
{
"cve": "CVE-2025-38227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Terminating the subsequent process of initialization failure\n\nsyzbot reported a slab-use-after-free Read in vidtv_mux_init. [1]\n\nAfter PSI initialization fails, the si member is accessed again, resulting\nin this uaf.\n\nAfter si initialization fails, the subsequent process needs to be exited.\n\n[1]\nBUG: KASAN: slab-use-after-free in vidtv_mux_pid_ctx_init drivers/media/test-drivers/vidtv/vidtv_mux.c:78 [inline]\nBUG: KASAN: slab-use-after-free in vidtv_mux_init+0xac2/0xbe0 drivers/media/test-drivers/vidtv/vidtv_mux.c:524\nRead of size 8 at addr ffff88802fa42acc by task syz.2.37/6059\n\nCPU: 0 UID: 0 PID: 6059 Comm: syz.2.37 Not tainted 6.14.0-rc5-syzkaller #0\nHardware name: Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:94 [inline]\ndump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\nprint_address_description mm/kasan/report.c:408 [inline]\nprint_report+0xc3/0x670 mm/kasan/report.c:521\nkasan_report+0xd9/0x110 mm/kasan/report.c:634\nvidtv_mux_pid_ctx_init drivers/media/test-drivers/vidtv/vidtv_mux.c:78\nvidtv_mux_init+0xac2/0xbe0 drivers/media/test-drivers/vidtv/vidtv_mux.c:524\nvidtv_start_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:194\nvidtv_start_feed drivers/media/test-drivers/vidtv/vidtv_bridge.c:239\ndmx_section_feed_start_filtering drivers/media/dvb-core/dvb_demux.c:973\ndvb_dmxdev_feed_start drivers/media/dvb-core/dmxdev.c:508 [inline]\ndvb_dmxdev_feed_restart.isra.0 drivers/media/dvb-core/dmxdev.c:537\ndvb_dmxdev_filter_stop+0x2b4/0x3a0 drivers/media/dvb-core/dmxdev.c:564\ndvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\ndvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n__fput+0x3ff/0xb70 fs/file_table.c:464\ntask_work_run+0x14e/0x250 kernel/task_work.c:227\nexit_task_work include/linux/task_work.h:40 [inline]\ndo_exit+0xad8/0x2d70 kernel/exit.c:938\ndo_group_exit+0xd3/0x2a0 kernel/exit.c:1087\n__do_sys_exit_group kernel/exit.c:1098 [inline]\n__se_sys_exit_group kernel/exit.c:1096 [inline]\n__x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1096\nx64_sys_call+0x151f/0x1720 arch/x86/include/generated/asm/syscalls_64.h:232\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f871d58d169\nCode: Unable to access opcode bytes at 0x7f871d58d13f.\nRSP: 002b:00007fff4b19a788 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f871d58d169\nRDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 00007fff4b19a7ec R08: 0000000b4b19a87f R09: 00000000000927c0\nR10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000003\nR13: 00000000000927c0 R14: 000000000001d553 R15: 00007fff4b19a840\n \u003c/TASK\u003e\n\nAllocated by task 6059:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n vidtv_psi_pat_table_init drivers/media/test-drivers/vidtv/vidtv_psi.c:970\n vidtv_channel_si_init drivers/media/test-drivers/vidtv/vidtv_channel.c:423\n vidtv_mux_init drivers/media/test-drivers/vidtv/vidtv_mux.c:519\n vidtv_start_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:194\n vidtv_start_feed drivers/media/test-drivers/vidtv/vidtv_bridge.c:239\n dmx_section_feed_start_filtering drivers/media/dvb-core/dvb_demux.c:973\n dvb_dmxdev_feed_start drivers/media/dvb-core/dmxdev.c:508 [inline]\n dvb_dmxdev_feed_restart.isra.0 drivers/media/dvb-core/dmxdev.c:537\n dvb_dmxdev_filter_stop+0x2b4/0x3a0 drivers/media/dvb-core/dmxdev.c:564\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3ff/0xb70 fs/file_tabl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38227",
"url": "https://www.suse.com/security/cve/CVE-2025-38227"
},
{
"category": "external",
"summary": "SUSE Bug 1246031 for CVE-2025-38227",
"url": "https://bugzilla.suse.com/1246031"
},
{
"category": "external",
"summary": "SUSE Bug 1246032 for CVE-2025-38227",
"url": "https://bugzilla.suse.com/1246032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38227"
},
{
"cve": "CVE-2025-38229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cxusb: no longer judge rbuf when the write fails\n\nsyzbot reported a uninit-value in cxusb_i2c_xfer. [1]\n\nOnly when the write operation of usb_bulk_msg() in dvb_usb_generic_rw()\nsucceeds and rlen is greater than 0, the read operation of usb_bulk_msg()\nwill be executed to read rlen bytes of data from the dvb device into the\nrbuf.\n\nIn this case, although rlen is 1, the write operation failed which resulted\nin the dvb read operation not being executed, and ultimately variable i was\nnot initialized.\n\n[1]\nBUG: KMSAN: uninit-value in cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline]\nBUG: KMSAN: uninit-value in cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196\n cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline]\n cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196\n __i2c_transfer+0xe25/0x3150 drivers/i2c/i2c-core-base.c:-1\n i2c_transfer+0x317/0x4a0 drivers/i2c/i2c-core-base.c:2315\n i2c_transfer_buffer_flags+0x125/0x1e0 drivers/i2c/i2c-core-base.c:2343\n i2c_master_send include/linux/i2c.h:109 [inline]\n i2cdev_write+0x210/0x280 drivers/i2c/i2c-dev.c:183\n do_loop_readv_writev fs/read_write.c:848 [inline]\n vfs_writev+0x963/0x14e0 fs/read_write.c:1057\n do_writev+0x247/0x5c0 fs/read_write.c:1101\n __do_sys_writev fs/read_write.c:1169 [inline]\n __se_sys_writev fs/read_write.c:1166 [inline]\n __x64_sys_writev+0x98/0xe0 fs/read_write.c:1166\n x64_sys_call+0x2229/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:21\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38229",
"url": "https://www.suse.com/security/cve/CVE-2025-38229"
},
{
"category": "external",
"summary": "SUSE Bug 1246049 for CVE-2025-38229",
"url": "https://bugzilla.suse.com/1246049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38229"
},
{
"cve": "CVE-2025-38231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Initialize ssc before laundromat_work to prevent NULL dereference\n\nIn nfs4_state_start_net(), laundromat_work may access nfsd_ssc through\nnfs4_laundromat -\u003e nfsd4_ssc_expire_umount. If nfsd_ssc isn\u0027t initialized,\nthis can cause NULL pointer dereference.\n\nNormally the delayed start of laundromat_work allows sufficient time for\nnfsd_ssc initialization to complete. However, when the kernel waits too\nlong for userspace responses (e.g. in nfs4_state_start_net -\u003e\nnfsd4_end_grace -\u003e nfsd4_record_grace_done -\u003e nfsd4_cld_grace_done -\u003e\ncld_pipe_upcall -\u003e __cld_pipe_upcall -\u003e wait_for_completion path), the\ndelayed work may start before nfsd_ssc initialization finishes.\n\nFix this by moving nfsd_ssc initialization before starting laundromat_work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38231",
"url": "https://www.suse.com/security/cve/CVE-2025-38231"
},
{
"category": "external",
"summary": "SUSE Bug 1246055 for CVE-2025-38231",
"url": "https://bugzilla.suse.com/1246055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38231"
},
{
"cve": "CVE-2025-38236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38236"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Don\u0027t leave consecutive consumed OOB skbs.\n\nJann Horn reported a use-after-free in unix_stream_read_generic().\n\nThe following sequences reproduce the issue:\n\n $ python3\n from socket import *\n s1, s2 = socketpair(AF_UNIX, SOCK_STREAM)\n s1.send(b\u0027x\u0027, MSG_OOB)\n s2.recv(1, MSG_OOB) # leave a consumed OOB skb\n s1.send(b\u0027y\u0027, MSG_OOB)\n s2.recv(1, MSG_OOB) # leave a consumed OOB skb\n s1.send(b\u0027z\u0027, MSG_OOB)\n s2.recv(1) # recv \u0027z\u0027 illegally\n s2.recv(1, MSG_OOB) # access \u0027z\u0027 skb (use-after-free)\n\nEven though a user reads OOB data, the skb holding the data stays on\nthe recv queue to mark the OOB boundary and break the next recv().\n\nAfter the last send() in the scenario above, the sk2\u0027s recv queue has\n2 leading consumed OOB skbs and 1 real OOB skb.\n\nThen, the following happens during the next recv() without MSG_OOB\n\n 1. unix_stream_read_generic() peeks the first consumed OOB skb\n 2. manage_oob() returns the next consumed OOB skb\n 3. unix_stream_read_generic() fetches the next not-yet-consumed OOB skb\n 4. unix_stream_read_generic() reads and frees the OOB skb\n\n, and the last recv(MSG_OOB) triggers KASAN splat.\n\nThe 3. above occurs because of the SO_PEEK_OFF code, which does not\nexpect unix_skb_len(skb) to be 0, but this is true for such consumed\nOOB skbs.\n\n while (skip \u003e= unix_skb_len(skb)) {\n skip -= unix_skb_len(skb);\n skb = skb_peek_next(skb, \u0026sk-\u003esk_receive_queue);\n ...\n }\n\nIn addition to this use-after-free, there is another issue that\nioctl(SIOCATMARK) does not function properly with consecutive consumed\nOOB skbs.\n\nSo, nothing good comes out of such a situation.\n\nInstead of complicating manage_oob(), ioctl() handling, and the next\nECONNRESET fix by introducing a loop for consecutive consumed OOB skbs,\nlet\u0027s not leave such consecutive OOB unnecessarily.\n\nNow, while receiving an OOB skb in unix_stream_recv_urg(), if its\nprevious skb is a consumed OOB skb, it is freed.\n\n[0]:\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor (net/unix/af_unix.c:3027)\nRead of size 4 at addr ffff888106ef2904 by task python3/315\n\nCPU: 2 UID: 0 PID: 315 Comm: python3 Not tainted 6.16.0-rc1-00407-gec315832f6f9 #8 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-4.fc42 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:636)\n unix_stream_read_actor (net/unix/af_unix.c:3027)\n unix_stream_read_generic (net/unix/af_unix.c:2708 net/unix/af_unix.c:2847)\n unix_stream_recvmsg (net/unix/af_unix.c:3048)\n sock_recvmsg (net/socket.c:1063 (discriminator 20) net/socket.c:1085 (discriminator 20))\n __sys_recvfrom (net/socket.c:2278)\n __x64_sys_recvfrom (net/socket.c:2291 (discriminator 1) net/socket.c:2287 (discriminator 1) net/socket.c:2287 (discriminator 1))\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f8911fcea06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007fffdb0dccb0 EFLAGS: 00000202 ORIG_RAX: 000000000000002d\nRAX: ffffffffffffffda RBX: 00007fffdb0dcdc8 RCX: 00007f8911fcea06\nRDX: 0000000000000001 RSI: 00007f8911a5e060 RDI: 0000000000000006\nRBP: 00007fffdb0dccd0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000202 R12: 00007f89119a7d20\nR13: ffffffffc4653600 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nAllocated by task 315:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:348)\n kmem_cache_alloc_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38236",
"url": "https://www.suse.com/security/cve/CVE-2025-38236"
},
{
"category": "external",
"summary": "SUSE Bug 1246093 for CVE-2025-38236",
"url": "https://bugzilla.suse.com/1246093"
},
{
"category": "external",
"summary": "SUSE Bug 1246936 for CVE-2025-38236",
"url": "https://bugzilla.suse.com/1246936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38236"
},
{
"cve": "CVE-2025-38239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix invalid node index\n\nOn a system with DRAM interleave enabled, out-of-bound access is\ndetected:\n\nmegaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28\nindex -1 is out of range for type \u0027cpumask *[1024]\u0027\ndump_stack_lvl+0x5d/0x80\nubsan_epilogue+0x5/0x2b\n__ubsan_handle_out_of_bounds.cold+0x46/0x4b\nmegasas_alloc_irq_vectors+0x149/0x190 [megaraid_sas]\nmegasas_probe_one.cold+0xa4d/0x189c [megaraid_sas]\nlocal_pci_probe+0x42/0x90\npci_device_probe+0xdc/0x290\nreally_probe+0xdb/0x340\n__driver_probe_device+0x78/0x110\ndriver_probe_device+0x1f/0xa0\n__driver_attach+0xba/0x1c0\nbus_for_each_dev+0x8b/0xe0\nbus_add_driver+0x142/0x220\ndriver_register+0x72/0xd0\nmegasas_init+0xdf/0xff0 [megaraid_sas]\ndo_one_initcall+0x57/0x310\ndo_init_module+0x90/0x250\ninit_module_from_file+0x85/0xc0\nidempotent_init_module+0x114/0x310\n__x64_sys_finit_module+0x65/0xc0\ndo_syscall_64+0x82/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFix it accordingly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38239",
"url": "https://www.suse.com/security/cve/CVE-2025-38239"
},
{
"category": "external",
"summary": "SUSE Bug 1246178 for CVE-2025-38239",
"url": "https://bugzilla.suse.com/1246178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38239"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential deadlock when reconnecting channels\n\nFix cifs_signal_cifsd_for_reconnect() to take the correct lock order\nand prevent the following deadlock from happening\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.16.0-rc3-build2+ #1301 Tainted: G S W\n------------------------------------------------------\ncifsd/6055 is trying to acquire lock:\nffff88810ad56038 (\u0026tcp_ses-\u003esrv_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x134/0x200\n\nbut task is already holding lock:\nffff888119c64330 (\u0026ret_buf-\u003echan_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0xcf/0x200\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #2 (\u0026ret_buf-\u003echan_lock){+.+.}-{3:3}:\n validate_chain+0x1cf/0x270\n __lock_acquire+0x60e/0x780\n lock_acquire.part.0+0xb4/0x1f0\n _raw_spin_lock+0x2f/0x40\n cifs_setup_session+0x81/0x4b0\n cifs_get_smb_ses+0x771/0x900\n cifs_mount_get_session+0x7e/0x170\n cifs_mount+0x92/0x2d0\n cifs_smb3_do_mount+0x161/0x460\n smb3_get_tree+0x55/0x90\n vfs_get_tree+0x46/0x180\n do_new_mount+0x1b0/0x2e0\n path_mount+0x6ee/0x740\n do_mount+0x98/0xe0\n __do_sys_mount+0x148/0x180\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n-\u003e #1 (\u0026ret_buf-\u003eses_lock){+.+.}-{3:3}:\n validate_chain+0x1cf/0x270\n __lock_acquire+0x60e/0x780\n lock_acquire.part.0+0xb4/0x1f0\n _raw_spin_lock+0x2f/0x40\n cifs_match_super+0x101/0x320\n sget+0xab/0x270\n cifs_smb3_do_mount+0x1e0/0x460\n smb3_get_tree+0x55/0x90\n vfs_get_tree+0x46/0x180\n do_new_mount+0x1b0/0x2e0\n path_mount+0x6ee/0x740\n do_mount+0x98/0xe0\n __do_sys_mount+0x148/0x180\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n-\u003e #0 (\u0026tcp_ses-\u003esrv_lock){+.+.}-{3:3}:\n check_noncircular+0x95/0xc0\n check_prev_add+0x115/0x2f0\n validate_chain+0x1cf/0x270\n __lock_acquire+0x60e/0x780\n lock_acquire.part.0+0xb4/0x1f0\n _raw_spin_lock+0x2f/0x40\n cifs_signal_cifsd_for_reconnect+0x134/0x200\n __cifs_reconnect+0x8f/0x500\n cifs_handle_standard+0x112/0x280\n cifs_demultiplex_thread+0x64d/0xbc0\n kthread+0x2f7/0x310\n ret_from_fork+0x2a/0x230\n ret_from_fork_asm+0x1a/0x30\n\nother info that might help us debug this:\n\nChain exists of:\n \u0026tcp_ses-\u003esrv_lock --\u003e \u0026ret_buf-\u003eses_lock --\u003e \u0026ret_buf-\u003echan_lock\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026ret_buf-\u003echan_lock);\n lock(\u0026ret_buf-\u003eses_lock);\n lock(\u0026ret_buf-\u003echan_lock);\n lock(\u0026tcp_ses-\u003esrv_lock);\n\n *** DEADLOCK ***\n\n3 locks held by cifsd/6055:\n #0: ffffffff857de398 (\u0026cifs_tcp_ses_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x7b/0x200\n #1: ffff888119c64060 (\u0026ret_buf-\u003eses_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0x9c/0x200\n #2: ffff888119c64330 (\u0026ret_buf-\u003echan_lock){+.+.}-{3:3}, at: cifs_signal_cifsd_for_reconnect+0xcf/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38244",
"url": "https://www.suse.com/security/cve/CVE-2025-38244"
},
{
"category": "external",
"summary": "SUSE Bug 1246183 for CVE-2025-38244",
"url": "https://bugzilla.suse.com/1246183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38244"
},
{
"cve": "CVE-2025-38246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38246"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt: properly flush XDP redirect lists\n\nWe encountered following crash when testing a XDP_REDIRECT feature\nin production:\n\n[56251.579676] list_add corruption. next-\u003eprev should be prev (ffff93120dd40f30), but was ffffb301ef3a6740. (next=ffff93120dd\n40f30).\n[56251.601413] ------------[ cut here ]------------\n[56251.611357] kernel BUG at lib/list_debug.c:29!\n[56251.621082] Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n[56251.632073] CPU: 111 UID: 0 PID: 0 Comm: swapper/111 Kdump: loaded Tainted: P O 6.12.33-cloudflare-2025.6.\n3 #1\n[56251.653155] Tainted: [P]=PROPRIETARY_MODULE, [O]=OOT_MODULE\n[56251.663877] Hardware name: MiTAC GC68B-B8032-G11P6-GPU/S8032GM-HE-CFR, BIOS V7.020.B10-sig 01/22/2025\n[56251.682626] RIP: 0010:__list_add_valid_or_report+0x4b/0xa0\n[56251.693203] Code: 0e 48 c7 c7 68 e7 d9 97 e8 42 16 fe ff 0f 0b 48 8b 52 08 48 39 c2 74 14 48 89 f1 48 c7 c7 90 e7 d9 97 48\n 89 c6 e8 25 16 fe ff \u003c0f\u003e 0b 4c 8b 02 49 39 f0 74 14 48 89 d1 48 c7 c7 e8 e7 d9 97 4c 89\n[56251.725811] RSP: 0018:ffff93120dd40b80 EFLAGS: 00010246\n[56251.736094] RAX: 0000000000000075 RBX: ffffb301e6bba9d8 RCX: 0000000000000000\n[56251.748260] RDX: 0000000000000000 RSI: ffff9149afda0b80 RDI: ffff9149afda0b80\n[56251.760349] RBP: ffff9131e49c8000 R08: 0000000000000000 R09: ffff93120dd40a18\n[56251.772382] R10: ffff9159cf2ce1a8 R11: 0000000000000003 R12: ffff911a80850000\n[56251.784364] R13: ffff93120fbc7000 R14: 0000000000000010 R15: ffff9139e7510e40\n[56251.796278] FS: 0000000000000000(0000) GS:ffff9149afd80000(0000) knlGS:0000000000000000\n[56251.809133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[56251.819561] CR2: 00007f5e85e6f300 CR3: 00000038b85e2006 CR4: 0000000000770ef0\n[56251.831365] PKRU: 55555554\n[56251.838653] Call Trace:\n[56251.845560] \u003cIRQ\u003e\n[56251.851943] cpu_map_enqueue.cold+0x5/0xa\n[56251.860243] xdp_do_redirect+0x2d9/0x480\n[56251.868388] bnxt_rx_xdp+0x1d8/0x4c0 [bnxt_en]\n[56251.877028] bnxt_rx_pkt+0x5f7/0x19b0 [bnxt_en]\n[56251.885665] ? cpu_max_write+0x1e/0x100\n[56251.893510] ? srso_alias_return_thunk+0x5/0xfbef5\n[56251.902276] __bnxt_poll_work+0x190/0x340 [bnxt_en]\n[56251.911058] bnxt_poll+0xab/0x1b0 [bnxt_en]\n[56251.919041] ? srso_alias_return_thunk+0x5/0xfbef5\n[56251.927568] ? srso_alias_return_thunk+0x5/0xfbef5\n[56251.935958] ? srso_alias_return_thunk+0x5/0xfbef5\n[56251.944250] __napi_poll+0x2b/0x160\n[56251.951155] bpf_trampoline_6442548651+0x79/0x123\n[56251.959262] __napi_poll+0x5/0x160\n[56251.966037] net_rx_action+0x3d2/0x880\n[56251.973133] ? srso_alias_return_thunk+0x5/0xfbef5\n[56251.981265] ? srso_alias_return_thunk+0x5/0xfbef5\n[56251.989262] ? __hrtimer_run_queues+0x162/0x2a0\n[56251.996967] ? srso_alias_return_thunk+0x5/0xfbef5\n[56252.004875] ? srso_alias_return_thunk+0x5/0xfbef5\n[56252.012673] ? bnxt_msix+0x62/0x70 [bnxt_en]\n[56252.019903] handle_softirqs+0xcf/0x270\n[56252.026650] irq_exit_rcu+0x67/0x90\n[56252.032933] common_interrupt+0x85/0xa0\n[56252.039498] \u003c/IRQ\u003e\n[56252.044246] \u003cTASK\u003e\n[56252.048935] asm_common_interrupt+0x26/0x40\n[56252.055727] RIP: 0010:cpuidle_enter_state+0xb8/0x420\n[56252.063305] Code: dc 01 00 00 e8 f9 79 3b ff e8 64 f7 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 a5 32 3a ff 45 84 ff 0f 85 ae\n 01 00 00 fb 45 85 f6 \u003c0f\u003e 88 88 01 00 00 48 8b 04 24 49 63 ce 4c 89 ea 48 6b f1 68 48 29\n[56252.088911] RSP: 0018:ffff93120c97fe98 EFLAGS: 00000202\n[56252.096912] RAX: ffff9149afd80000 RBX: ffff9141d3a72800 RCX: 0000000000000000\n[56252.106844] RDX: 00003329176c6b98 RSI: ffffffe36db3fdc7 RDI: 0000000000000000\n[56252.116733] RBP: 0000000000000002 R08: 0000000000000002 R09: 000000000000004e\n[56252.126652] R10: ffff9149afdb30c4 R11: 071c71c71c71c71c R12: ffffffff985ff860\n[56252.136637] R13: 00003329176c6b98 R14: 0000000000000002 R15: 0000000000000000\n[56252.146667] ? cpuidle_enter_state+0xab/0x420\n[56252.153909] cpuidle_enter+0x2d/0x40\n[56252.160360] do_idle+0x176/0x1c0\n[56252.166456\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38246",
"url": "https://www.suse.com/security/cve/CVE-2025-38246"
},
{
"category": "external",
"summary": "SUSE Bug 1246195 for CVE-2025-38246",
"url": "https://bugzilla.suse.com/1246195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38246"
},
{
"cve": "CVE-2025-38248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: mcast: Fix use-after-free during router port configuration\n\nThe bridge maintains a global list of ports behind which a multicast\nrouter resides. The list is consulted during forwarding to ensure\nmulticast packets are forwarded to these ports even if the ports are not\nmember in the matching MDB entry.\n\nWhen per-VLAN multicast snooping is enabled, the per-port multicast\ncontext is disabled on each port and the port is removed from the global\nrouter port list:\n\n # ip link add name br1 up type bridge vlan_filtering 1 mcast_snooping 1\n # ip link add name dummy1 up master br1 type dummy\n # ip link set dev dummy1 type bridge_slave mcast_router 2\n $ bridge -d mdb show | grep router\n router ports on br1: dummy1\n # ip link set dev br1 type bridge mcast_vlan_snooping 1\n $ bridge -d mdb show | grep router\n\nHowever, the port can be re-added to the global list even when per-VLAN\nmulticast snooping is enabled:\n\n # ip link set dev dummy1 type bridge_slave mcast_router 0\n # ip link set dev dummy1 type bridge_slave mcast_router 2\n $ bridge -d mdb show | grep router\n router ports on br1: dummy1\n\nSince commit 4b30ae9adb04 (\"net: bridge: mcast: re-implement\nbr_multicast_{enable, disable}_port functions\"), when per-VLAN multicast\nsnooping is enabled, multicast disablement on a port will disable the\nper-{port, VLAN} multicast contexts and not the per-port one. As a\nresult, a port will remain in the global router port list even after it\nis deleted. This will lead to a use-after-free [1] when the list is\ntraversed (when adding a new port to the list, for example):\n\n # ip link del dev dummy1\n # ip link add name dummy2 up master br1 type dummy\n # ip link set dev dummy2 type bridge_slave mcast_router 2\n\nSimilarly, stale entries can also be found in the per-VLAN router port\nlist. When per-VLAN multicast snooping is disabled, the per-{port, VLAN}\ncontexts are disabled on each port and the port is removed from the\nper-VLAN router port list:\n\n # ip link add name br1 up type bridge vlan_filtering 1 mcast_snooping 1 mcast_vlan_snooping 1\n # ip link add name dummy1 up master br1 type dummy\n # bridge vlan add vid 2 dev dummy1\n # bridge vlan global set vid 2 dev br1 mcast_snooping 1\n # bridge vlan set vid 2 dev dummy1 mcast_router 2\n $ bridge vlan global show dev br1 vid 2 | grep router\n router ports: dummy1\n # ip link set dev br1 type bridge mcast_vlan_snooping 0\n $ bridge vlan global show dev br1 vid 2 | grep router\n\nHowever, the port can be re-added to the per-VLAN list even when\nper-VLAN multicast snooping is disabled:\n\n # bridge vlan set vid 2 dev dummy1 mcast_router 0\n # bridge vlan set vid 2 dev dummy1 mcast_router 2\n $ bridge vlan global show dev br1 vid 2 | grep router\n router ports: dummy1\n\nWhen the VLAN is deleted from the port, the per-{port, VLAN} multicast\ncontext will not be disabled since multicast snooping is not enabled\non the VLAN. As a result, the port will remain in the per-VLAN router\nport list even after it is no longer member in the VLAN. This will lead\nto a use-after-free [2] when the list is traversed (when adding a new\nport to the list, for example):\n\n # ip link add name dummy2 up master br1 type dummy\n # bridge vlan add vid 2 dev dummy2\n # bridge vlan del vid 2 dev dummy1\n # bridge vlan set vid 2 dev dummy2 mcast_router 2\n\nFix these issues by removing the port from the relevant (global or\nper-VLAN) router port list in br_multicast_port_ctx_deinit(). The\nfunction is invoked during port deletion with the per-port multicast\ncontext and during VLAN deletion with the per-{port, VLAN} multicast\ncontext.\n\nNote that deleting the multicast router timer is not enough as it only\ntakes care of the temporary multicast router states (1 or 3) and not the\npermanent one (2).\n\n[1]\nBUG: KASAN: slab-out-of-bounds in br_multicast_add_router.part.0+0x3f1/0x560\nWrite of size 8 at addr ffff888004a67328 by task ip/384\n[...]\nCall Trace:\n \u003cTASK\u003e\n dump_stack\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38248",
"url": "https://www.suse.com/security/cve/CVE-2025-38248"
},
{
"category": "external",
"summary": "SUSE Bug 1246173 for CVE-2025-38248",
"url": "https://bugzilla.suse.com/1246173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38248"
},
{
"cve": "CVE-2025-38249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()\n\nIn snd_usb_get_audioformat_uac3(), the length value returned from\nsnd_usb_ctl_msg() is used directly for memory allocation without\nvalidation. This length is controlled by the USB device.\n\nThe allocated buffer is cast to a uac3_cluster_header_descriptor\nand its fields are accessed without verifying that the buffer\nis large enough. If the device returns a smaller than expected\nlength, this leads to an out-of-bounds read.\n\nAdd a length check to ensure the buffer is large enough for\nuac3_cluster_header_descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38249",
"url": "https://www.suse.com/security/cve/CVE-2025-38249"
},
{
"category": "external",
"summary": "SUSE Bug 1246171 for CVE-2025-38249",
"url": "https://bugzilla.suse.com/1246171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38249"
},
{
"cve": "CVE-2025-38250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38250"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix use-after-free in vhci_flush()\n\nsyzbot reported use-after-free in vhci_flush() without repro. [0]\n\nFrom the splat, a thread close()d a vhci file descriptor while\nits device was being used by iotcl() on another thread.\n\nOnce the last fd refcnt is released, vhci_release() calls\nhci_unregister_dev(), hci_free_dev(), and kfree() for struct\nvhci_data, which is set to hci_dev-\u003edev-\u003edriver_data.\n\nThe problem is that there is no synchronisation after unlinking\nhdev from hci_dev_list in hci_unregister_dev(). There might be\nanother thread still accessing the hdev which was fetched before\nthe unlink operation.\n\nWe can use SRCU for such synchronisation.\n\nLet\u0027s run hci_dev_reset() under SRCU and wait for its completion\nin hci_unregister_dev().\n\nAnother option would be to restore hci_dev-\u003edestruct(), which was\nremoved in commit 587ae086f6e4 (\"Bluetooth: Remove unused\nhci-destruct cb\"). However, this would not be a good solution, as\nwe should not run hci_unregister_dev() while there are in-flight\nioctl() requests, which could lead to another data-race KCSAN splat.\n\nNote that other drivers seem to have the same problem, for exmaple,\nvirtbt_remove().\n\n[0]:\nBUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\nBUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\nRead of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718\n\nCPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xd2/0x2b0 mm/kasan/report.c:521\n kasan_report+0x118/0x150 mm/kasan/report.c:634\n skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\n skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\n skb_queue_purge include/linux/skbuff.h:3368 [inline]\n vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69\n hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline]\n hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592\n sock_do_ioctl+0xd9/0x300 net/socket.c:1190\n sock_ioctl+0x576/0x790 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcf5b98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929\nRDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009\nRBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528\n \u003c/TASK\u003e\n\nAllocated by task 6535:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635\n misc_open+0x2bc/0x330 drivers/char/misc.c:161\n chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414\n do_dentry_open+0xdf0/0x1970 fs/open.c:964\n vfs_open+0x3b/0x340 fs/open.c:1094\n do_open fs/namei.c:3887 [inline]\n path_openat+0x2ee5/0x3830 fs/name\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38250",
"url": "https://www.suse.com/security/cve/CVE-2025-38250"
},
{
"category": "external",
"summary": "SUSE Bug 1246182 for CVE-2025-38250",
"url": "https://bugzilla.suse.com/1246182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38250"
},
{
"cve": "CVE-2025-38257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38257"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pkey: Prevent overflow in size calculation for memdup_user()\n\nNumber of apqn target list entries contained in \u0027nr_apqns\u0027 variable is\ndetermined by userspace via an ioctl call so the result of the product in\ncalculation of size passed to memdup_user() may overflow.\n\nIn this case the actual size of the allocated area and the value\ndescribing it won\u0027t be in sync leading to various types of unpredictable\nbehaviour later.\n\nUse a proper memdup_array_user() helper which returns an error if an\noverflow is detected. Note that it is different from when nr_apqns is\ninitially zero - that case is considered valid and should be handled in\nsubsequent pkey_handler implementations.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38257",
"url": "https://www.suse.com/security/cve/CVE-2025-38257"
},
{
"category": "external",
"summary": "SUSE Bug 1246186 for CVE-2025-38257",
"url": "https://bugzilla.suse.com/1246186"
},
{
"category": "external",
"summary": "SUSE Bug 1246189 for CVE-2025-38257",
"url": "https://bugzilla.suse.com/1246189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38257"
},
{
"cve": "CVE-2025-38259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd9335: Fix missing free of regulator supplies\n\nDriver gets and enables all regulator supplies in probe path\n(wcd9335_parse_dt() and wcd9335_power_on_reset()), but does not cleanup\nin final error paths and in unbind (missing remove() callback). This\nleads to leaked memory and unbalanced regulator enable count during\nprobe errors or unbind.\n\nFix this by converting entire code into devm_regulator_bulk_get_enable()\nwhich also greatly simplifies the code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38259",
"url": "https://www.suse.com/security/cve/CVE-2025-38259"
},
{
"category": "external",
"summary": "SUSE Bug 1246220 for CVE-2025-38259",
"url": "https://bugzilla.suse.com/1246220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38259"
},
{
"cve": "CVE-2025-38264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: sanitize request list handling\n\nValidate the request in nvme_tcp_handle_r2t() to ensure it\u0027s not part of\nany list, otherwise a malicious R2T PDU might inject a loop in request\nlist processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38264",
"url": "https://www.suse.com/security/cve/CVE-2025-38264"
},
{
"category": "external",
"summary": "SUSE Bug 1246387 for CVE-2025-38264",
"url": "https://bugzilla.suse.com/1246387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38264"
},
{
"cve": "CVE-2025-38272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: b53: do not enable EEE on bcm63xx\n\nBCM63xx internal switches do not support EEE, but provide multiple RGMII\nports where external PHYs may be connected. If one of these PHYs are EEE\ncapable, we may try to enable EEE for the MACs, which then hangs the\nsystem on access of the (non-existent) EEE registers.\n\nFix this by checking if the switch actually supports EEE before\nattempting to configure it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38272",
"url": "https://www.suse.com/security/cve/CVE-2025-38272"
},
{
"category": "external",
"summary": "SUSE Bug 1246268 for CVE-2025-38272",
"url": "https://bugzilla.suse.com/1246268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38272"
},
{
"cve": "CVE-2025-38273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tipc: fix refcount warning in tipc_aead_encrypt\n\nsyzbot reported a refcount warning [1] caused by calling get_net() on\na network namespace that is being destroyed (refcount=0). This happens\nwhen a TIPC discovery timer fires during network namespace cleanup.\n\nThe recently added get_net() call in commit e279024617134 (\"net/tipc:\nfix slab-use-after-free Read in tipc_aead_encrypt_done\") attempts to\nhold a reference to the network namespace. However, if the namespace\nis already being destroyed, its refcount might be zero, leading to the\nuse-after-free warning.\n\nReplace get_net() with maybe_get_net(), which safely checks if the\nrefcount is non-zero before incrementing it. If the namespace is being\ndestroyed, return -ENODEV early, after releasing the bearer reference.\n\n[1]: https://lore.kernel.org/all/68342b55.a70a0220.253bc2.0091.GAE@google.com/T/#m12019cf9ae77e1954f666914640efa36d52704a2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38273",
"url": "https://www.suse.com/security/cve/CVE-2025-38273"
},
{
"category": "external",
"summary": "SUSE Bug 1246266 for CVE-2025-38273",
"url": "https://bugzilla.suse.com/1246266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38273"
},
{
"cve": "CVE-2025-38275",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38275"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug\n\nThe qmp_usb_iomap() helper function currently returns the raw result of\ndevm_ioremap() for non-exclusive mappings. Since devm_ioremap() may return\na NULL pointer and the caller only checks error pointers with IS_ERR(),\nNULL could bypass the check and lead to an invalid dereference.\n\nFix the issue by checking if devm_ioremap() returns NULL. When it does,\nqmp_usb_iomap() now returns an error pointer via IOMEM_ERR_PTR(-ENOMEM),\nensuring safe and consistent error handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38275",
"url": "https://www.suse.com/security/cve/CVE-2025-38275"
},
{
"category": "external",
"summary": "SUSE Bug 1246236 for CVE-2025-38275",
"url": "https://bugzilla.suse.com/1246236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38275"
},
{
"cve": "CVE-2025-38277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: nand: ecc-mxic: Fix use of uninitialized variable ret\n\nIf ctx-\u003esteps is zero, the loop processing ECC steps is skipped,\nand the variable ret remains uninitialized. It is later checked\nand returned, which leads to undefined behavior and may cause\nunpredictable results in user space or kernel crashes.\n\nThis scenario can be triggered in edge cases such as misconfigured\ngeometry, ECC engine misuse, or if ctx-\u003esteps is not validated\nafter initialization.\n\nInitialize ret to zero before the loop to ensure correct and safe\nbehavior regardless of the ctx-\u003esteps value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38277",
"url": "https://www.suse.com/security/cve/CVE-2025-38277"
},
{
"category": "external",
"summary": "SUSE Bug 1246246 for CVE-2025-38277",
"url": "https://bugzilla.suse.com/1246246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38277"
},
{
"cve": "CVE-2025-38279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Do not include stack ptr register in precision backtracking bookkeeping\n\nYi Lai reported an issue ([1]) where the following warning appears\nin kernel dmesg:\n [ 60.643604] verifier backtracking bug\n [ 60.643635] WARNING: CPU: 10 PID: 2315 at kernel/bpf/verifier.c:4302 __mark_chain_precision+0x3a6c/0x3e10\n [ 60.648428] Modules linked in: bpf_testmod(OE)\n [ 60.650471] CPU: 10 UID: 0 PID: 2315 Comm: test_progs Tainted: G OE 6.15.0-rc4-gef11287f8289-dirty #327 PREEMPT(full)\n [ 60.654385] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n [ 60.656682] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n [ 60.660475] RIP: 0010:__mark_chain_precision+0x3a6c/0x3e10\n [ 60.662814] Code: 5a 30 84 89 ea e8 c4 d9 01 00 80 3d 3e 7d d8 04 00 0f 85 60 fa ff ff c6 05 31 7d d8 04\n 01 48 c7 c7 00 58 30 84 e8 c4 06 a5 ff \u003c0f\u003e 0b e9 46 fa ff ff 48 ...\n [ 60.668720] RSP: 0018:ffff888116cc7298 EFLAGS: 00010246\n [ 60.671075] RAX: 54d70e82dfd31900 RBX: ffff888115b65e20 RCX: 0000000000000000\n [ 60.673659] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 00000000ffffffff\n [ 60.676241] RBP: 0000000000000400 R08: ffff8881f6f23bd3 R09: 1ffff1103ede477a\n [ 60.678787] R10: dffffc0000000000 R11: ffffed103ede477b R12: ffff888115b60ae8\n [ 60.681420] R13: 1ffff11022b6cbc4 R14: 00000000fffffff2 R15: 0000000000000001\n [ 60.684030] FS: 00007fc2aedd80c0(0000) GS:ffff88826fa8a000(0000) knlGS:0000000000000000\n [ 60.686837] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 60.689027] CR2: 000056325369e000 CR3: 000000011088b002 CR4: 0000000000370ef0\n [ 60.691623] Call Trace:\n [ 60.692821] \u003cTASK\u003e\n [ 60.693960] ? __pfx_verbose+0x10/0x10\n [ 60.695656] ? __pfx_disasm_kfunc_name+0x10/0x10\n [ 60.697495] check_cond_jmp_op+0x16f7/0x39b0\n [ 60.699237] do_check+0x58fa/0xab10\n ...\n\nFurther analysis shows the warning is at line 4302 as below:\n\n 4294 /* static subprog call instruction, which\n 4295 * means that we are exiting current subprog,\n 4296 * so only r1-r5 could be still requested as\n 4297 * precise, r0 and r6-r10 or any stack slot in\n 4298 * the current frame should be zero by now\n 4299 */\n 4300 if (bt_reg_mask(bt) \u0026 ~BPF_REGMASK_ARGS) {\n 4301 verbose(env, \"BUG regs %x\\n\", bt_reg_mask(bt));\n 4302 WARN_ONCE(1, \"verifier backtracking bug\");\n 4303 return -EFAULT;\n 4304 }\n\nWith the below test (also in the next patch):\n __used __naked static void __bpf_jmp_r10(void)\n {\n\tasm volatile (\n\t\"r2 = 2314885393468386424 ll;\"\n\t\"goto +0;\"\n\t\"if r2 \u003c= r10 goto +3;\"\n\t\"if r1 \u003e= -1835016 goto +0;\"\n\t\"if r2 \u003c= 8 goto +0;\"\n\t\"if r3 \u003c= 0 goto +0;\"\n\t\"exit;\"\n\t::: __clobber_all);\n }\n\n SEC(\"?raw_tp\")\n __naked void bpf_jmp_r10(void)\n {\n\tasm volatile (\n\t\"r3 = 0 ll;\"\n\t\"call __bpf_jmp_r10;\"\n\t\"r0 = 0;\"\n\t\"exit;\"\n\t::: __clobber_all);\n }\n\nThe following is the verifier failure log:\n 0: (18) r3 = 0x0 ; R3_w=0\n 2: (85) call pc+2\n caller:\n R10=fp0\n callee:\n frame1: R1=ctx() R3_w=0 R10=fp0\n 5: frame1: R1=ctx() R3_w=0 R10=fp0\n ; asm volatile (\" \\ @ verifier_precision.c:184\n 5: (18) r2 = 0x20202000256c6c78 ; frame1: R2_w=0x20202000256c6c78\n 7: (05) goto pc+0\n 8: (bd) if r2 \u003c= r10 goto pc+3 ; frame1: R2_w=0x20202000256c6c78 R10=fp0\n 9: (35) if r1 \u003e= 0xffe3fff8 goto pc+0 ; frame1: R1=ctx()\n 10: (b5) if r2 \u003c= 0x8 goto pc+0\n mark_precise: frame1: last_idx 10 first_idx 0 subseq_idx -1\n mark_precise: frame1: regs=r2 stack= before 9: (35) if r1 \u003e= 0xffe3fff8 goto pc+0\n mark_precise: frame1: regs=r2 stack= before 8: (bd) if r2 \u003c= r10 goto pc+3\n mark_preci\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38279",
"url": "https://www.suse.com/security/cve/CVE-2025-38279"
},
{
"category": "external",
"summary": "SUSE Bug 1246264 for CVE-2025-38279",
"url": "https://bugzilla.suse.com/1246264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38279"
},
{
"cve": "CVE-2025-38283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38283"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhisi_acc_vfio_pci: bugfix live migration function without VF device driver\n\nIf the VF device driver is not loaded in the Guest OS and we attempt to\nperform device data migration, the address of the migrated data will\nbe NULL.\nThe live migration recovery operation on the destination side will\naccess a null address value, which will cause access errors.\n\nTherefore, live migration of VMs without added VF device drivers\ndoes not require device data migration.\nIn addition, when the queue address data obtained by the destination\nis empty, device queue recovery processing will not be performed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38283",
"url": "https://www.suse.com/security/cve/CVE-2025-38283"
},
{
"category": "external",
"summary": "SUSE Bug 1246273 for CVE-2025-38283",
"url": "https://bugzilla.suse.com/1246273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38283"
},
{
"cve": "CVE-2025-38286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38286"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: at91: Fix possible out-of-boundary access\n\nat91_gpio_probe() doesn\u0027t check that given OF alias is not available or\nsomething went wrong when trying to get it. This might have consequences\nwhen accessing gpio_chips array with that value as an index. Note, that\nBUG() can be compiled out and hence won\u0027t actually perform the required\nchecks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38286",
"url": "https://www.suse.com/security/cve/CVE-2025-38286"
},
{
"category": "external",
"summary": "SUSE Bug 1246283 for CVE-2025-38286",
"url": "https://bugzilla.suse.com/1246283"
},
{
"category": "external",
"summary": "SUSE Bug 1246284 for CVE-2025-38286",
"url": "https://bugzilla.suse.com/1246284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38286"
},
{
"cve": "CVE-2025-38289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38289"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk\n\nSmatch detected a potential use-after-free of an ndlp oject in\ndev_loss_tmo_callbk during driver unload or fatal error handling.\n\nFix by reordering code to avoid potential use-after-free if initial\nnodelist reference has been previously removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38289",
"url": "https://www.suse.com/security/cve/CVE-2025-38289"
},
{
"category": "external",
"summary": "SUSE Bug 1246287 for CVE-2025-38289",
"url": "https://bugzilla.suse.com/1246287"
},
{
"category": "external",
"summary": "SUSE Bug 1246288 for CVE-2025-38289",
"url": "https://bugzilla.suse.com/1246288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38289"
},
{
"cve": "CVE-2025-38290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix node corruption in ar-\u003earvifs list\n\nIn current WLAN recovery code flow, ath12k_core_halt() only reinitializes\nthe \"arvifs\" list head. This will cause the list node immediately following\nthe list head to become an invalid list node. Because the prev of that node\nstill points to the list head \"arvifs\", but the next of the list head\n\"arvifs\" no longer points to that list node.\n\nWhen a WLAN recovery occurs during the execution of a vif removal, and it\nhappens before the spin_lock_bh(\u0026ar-\u003edata_lock) in\nath12k_mac_vdev_delete(), list_del() will detect the previously mentioned\nsituation, thereby triggering a kernel panic.\n\nThe fix is to remove and reinitialize all vif list nodes from the list head\n\"arvifs\" during WLAN halt. The reinitialization is to make the list nodes\nvalid, ensuring that the list_del() in ath12k_mac_vdev_delete() can execute\nnormally.\n\nCall trace:\n__list_del_entry_valid_or_report+0xd4/0x100 (P)\nath12k_mac_remove_link_interface.isra.0+0xf8/0x2e4 [ath12k]\nath12k_scan_vdev_clean_work+0x40/0x164 [ath12k]\ncfg80211_wiphy_work+0xfc/0x100\nprocess_one_work+0x164/0x2d0\nworker_thread+0x254/0x380\nkthread+0xfc/0x100\nret_from_fork+0x10/0x20\n\nThe change is mostly copied from the ath11k patch:\nhttps://lore.kernel.org/all/20250320053145.3445187-1-quic_stonez@quicinc.com/\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38290",
"url": "https://www.suse.com/security/cve/CVE-2025-38290"
},
{
"category": "external",
"summary": "SUSE Bug 1246293 for CVE-2025-38290",
"url": "https://bugzilla.suse.com/1246293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38290"
},
{
"cve": "CVE-2025-38292",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38292"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix invalid access to memory\n\nIn ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean\nis_continuation is part of rxcb.\nCurrently, after freeing the skb, the rxcb-\u003eis_continuation accessed\nagain which is wrong since the memory is already freed.\nThis might lead use-after-free error.\n\nHence, fix by locally defining bool is_continuation from rxcb,\nso that after freeing skb, is_continuation can be used.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38292",
"url": "https://www.suse.com/security/cve/CVE-2025-38292"
},
{
"category": "external",
"summary": "SUSE Bug 1246295 for CVE-2025-38292",
"url": "https://bugzilla.suse.com/1246295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38292"
},
{
"cve": "CVE-2025-38293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix node corruption in ar-\u003earvifs list\n\nIn current WLAN recovery code flow, ath11k_core_halt() only\nreinitializes the \"arvifs\" list head. This will cause the\nlist node immediately following the list head to become an\ninvalid list node. Because the prev of that node still points\nto the list head \"arvifs\", but the next of the list head \"arvifs\"\nno longer points to that list node.\n\nWhen a WLAN recovery occurs during the execution of a vif\nremoval, and it happens before the spin_lock_bh(\u0026ar-\u003edata_lock)\nin ath11k_mac_op_remove_interface(), list_del() will detect the\npreviously mentioned situation, thereby triggering a kernel panic.\n\nThe fix is to remove and reinitialize all vif list nodes from the\nlist head \"arvifs\" during WLAN halt. The reinitialization is to make\nthe list nodes valid, ensuring that the list_del() in\nath11k_mac_op_remove_interface() can execute normally.\n\nCall trace:\n__list_del_entry_valid_or_report+0xb8/0xd0\nath11k_mac_op_remove_interface+0xb0/0x27c [ath11k]\ndrv_remove_interface+0x48/0x194 [mac80211]\nieee80211_do_stop+0x6e0/0x844 [mac80211]\nieee80211_stop+0x44/0x17c [mac80211]\n__dev_close_many+0xac/0x150\n__dev_change_flags+0x194/0x234\ndev_change_flags+0x24/0x6c\ndevinet_ioctl+0x3a0/0x670\ninet_ioctl+0x200/0x248\nsock_do_ioctl+0x60/0x118\nsock_ioctl+0x274/0x35c\n__arm64_sys_ioctl+0xac/0xf0\ninvoke_syscall+0x48/0x114\n...\n\nTested-on: QCA6698AQ hw2.1 PCI WLAN.HSP.1.1-04591-QCAHSPSWPL_V1_V2_SILICONZ_IOE-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38293",
"url": "https://www.suse.com/security/cve/CVE-2025-38293"
},
{
"category": "external",
"summary": "SUSE Bug 1246292 for CVE-2025-38293",
"url": "https://bugzilla.suse.com/1246292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38293"
},
{
"cve": "CVE-2025-38300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38300"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()\n\nFix two DMA cleanup issues on the error path in sun8i_ce_cipher_prepare():\n\n1] If dma_map_sg() fails for areq-\u003edst, the device driver would try to free\n DMA memory it has not allocated in the first place. To fix this, on the\n \"theend_sgs\" error path, call dma unmap only if the corresponding dma\n map was successful.\n\n2] If the dma_map_single() call for the IV fails, the device driver would\n try to free an invalid DMA memory address on the \"theend_iv\" path:\n ------------[ cut here ]------------\n DMA-API: sun8i-ce 1904000.crypto: device driver tries to free an invalid DMA memory address\n WARNING: CPU: 2 PID: 69 at kernel/dma/debug.c:968 check_unmap+0x123c/0x1b90\n Modules linked in: skcipher_example(O+)\n CPU: 2 UID: 0 PID: 69 Comm: 1904000.crypto- Tainted: G O 6.15.0-rc3+ #24 PREEMPT\n Tainted: [O]=OOT_MODULE\n Hardware name: OrangePi Zero2 (DT)\n pc : check_unmap+0x123c/0x1b90\n lr : check_unmap+0x123c/0x1b90\n ...\n Call trace:\n check_unmap+0x123c/0x1b90 (P)\n debug_dma_unmap_page+0xac/0xc0\n dma_unmap_page_attrs+0x1f4/0x5fc\n sun8i_ce_cipher_do_one+0x1bd4/0x1f40\n crypto_pump_work+0x334/0x6e0\n kthread_worker_fn+0x21c/0x438\n kthread+0x374/0x664\n ret_from_fork+0x10/0x20\n ---[ end trace 0000000000000000 ]---\n\nTo fix this, check for !dma_mapping_error() before calling\ndma_unmap_single() on the \"theend_iv\" path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38300",
"url": "https://www.suse.com/security/cve/CVE-2025-38300"
},
{
"category": "external",
"summary": "SUSE Bug 1246349 for CVE-2025-38300",
"url": "https://bugzilla.suse.com/1246349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38300"
},
{
"cve": "CVE-2025-38303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: eir: Fix possible crashes on eir_create_adv_data\n\neir_create_adv_data may attempt to add EIR_FLAGS and EIR_TX_POWER\nwithout checking if that would fit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38303",
"url": "https://www.suse.com/security/cve/CVE-2025-38303"
},
{
"category": "external",
"summary": "SUSE Bug 1246354 for CVE-2025-38303",
"url": "https://bugzilla.suse.com/1246354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38303"
},
{
"cve": "CVE-2025-38304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix NULL pointer deference on eir_get_service_data\n\nThe len parameter is considered optional so it can be NULL so it cannot\nbe used for skipping to next entry of EIR_SERVICE_DATA.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38304",
"url": "https://www.suse.com/security/cve/CVE-2025-38304"
},
{
"category": "external",
"summary": "SUSE Bug 1246240 for CVE-2025-38304",
"url": "https://bugzilla.suse.com/1246240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38304"
},
{
"cve": "CVE-2025-38305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: remove ptp-\u003en_vclocks check logic in ptp_vclock_in_use()\n\nThere is no disagreement that we should check both ptp-\u003eis_virtual_clock\nand ptp-\u003en_vclocks to check if the ptp virtual clock is in use.\n\nHowever, when we acquire ptp-\u003en_vclocks_mux to read ptp-\u003en_vclocks in\nptp_vclock_in_use(), we observe a recursive lock in the call trace\nstarting from n_vclocks_store().\n\n============================================\nWARNING: possible recursive locking detected\n6.15.0-rc6 #1 Not tainted\n--------------------------------------------\nsyz.0.1540/13807 is trying to acquire lock:\nffff888035a24868 (\u0026ptp-\u003en_vclocks_mux){+.+.}-{4:4}, at:\n ptp_vclock_in_use drivers/ptp/ptp_private.h:103 [inline]\nffff888035a24868 (\u0026ptp-\u003en_vclocks_mux){+.+.}-{4:4}, at:\n ptp_clock_unregister+0x21/0x250 drivers/ptp/ptp_clock.c:415\n\nbut task is already holding lock:\nffff888030704868 (\u0026ptp-\u003en_vclocks_mux){+.+.}-{4:4}, at:\n n_vclocks_store+0xf1/0x6d0 drivers/ptp/ptp_sysfs.c:215\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026ptp-\u003en_vclocks_mux);\n lock(\u0026ptp-\u003en_vclocks_mux);\n\n *** DEADLOCK ***\n....\n============================================\n\nThe best way to solve this is to remove the logic that checks\nptp-\u003en_vclocks in ptp_vclock_in_use().\n\nThe reason why this is appropriate is that any path that uses\nptp-\u003en_vclocks must unconditionally check if ptp-\u003en_vclocks is greater\nthan 0 before unregistering vclocks, and all functions are already\nwritten this way. And in the function that uses ptp-\u003en_vclocks, we\nalready get ptp-\u003en_vclocks_mux before unregistering vclocks.\n\nTherefore, we need to remove the redundant check for ptp-\u003en_vclocks in\nptp_vclock_in_use() to prevent recursive locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38305",
"url": "https://www.suse.com/security/cve/CVE-2025-38305"
},
{
"category": "external",
"summary": "SUSE Bug 1246358 for CVE-2025-38305",
"url": "https://bugzilla.suse.com/1246358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38305"
},
{
"cve": "CVE-2025-38307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Verify content returned by parse_int_array()\n\nThe first element of the returned array stores its length. If it is 0,\nany manipulation beyond the element at index 0 ends with null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38307",
"url": "https://www.suse.com/security/cve/CVE-2025-38307"
},
{
"category": "external",
"summary": "SUSE Bug 1246364 for CVE-2025-38307",
"url": "https://bugzilla.suse.com/1246364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38307"
},
{
"cve": "CVE-2025-38310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38310"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nseg6: Fix validation of nexthop addresses\n\nThe kernel currently validates that the length of the provided nexthop\naddress does not exceed the specified length. This can lead to the\nkernel reading uninitialized memory if user space provided a shorter\nlength than the specified one.\n\nFix by validating that the provided length exactly matches the specified\none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38310",
"url": "https://www.suse.com/security/cve/CVE-2025-38310"
},
{
"category": "external",
"summary": "SUSE Bug 1246361 for CVE-2025-38310",
"url": "https://bugzilla.suse.com/1246361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38310"
},
{
"cve": "CVE-2025-38312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38312"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()\n\nIn fb_find_mode_cvt(), iff mode-\u003erefresh somehow happens to be 0x80000000,\ncvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It\u0027s\nthen passed to fb_cvt_hperiod(), where it\u0027s used as a divider -- division\nby 0 will result in kernel oops. Add a sanity check for cvt.f_refresh to\navoid such overflow...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38312",
"url": "https://www.suse.com/security/cve/CVE-2025-38312"
},
{
"category": "external",
"summary": "SUSE Bug 1246386 for CVE-2025-38312",
"url": "https://bugzilla.suse.com/1246386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38312"
},
{
"cve": "CVE-2025-38313",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38313"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: fsl-mc: fix double-free on mc_dev\n\nThe blamed commit tried to simplify how the deallocations are done but,\nin the process, introduced a double-free on the mc_dev variable.\n\nIn case the MC device is a DPRC, a new mc_bus is allocated and the\nmc_dev variable is just a reference to one of its fields. In this\ncircumstance, on the error path only the mc_bus should be freed.\n\nThis commit introduces back the following checkpatch warning which is a\nfalse-positive.\n\nWARNING: kfree(NULL) is safe and this check is probably not required\n+ if (mc_bus)\n+ kfree(mc_bus);",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38313",
"url": "https://www.suse.com/security/cve/CVE-2025-38313"
},
{
"category": "external",
"summary": "SUSE Bug 1246342 for CVE-2025-38313",
"url": "https://bugzilla.suse.com/1246342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38313"
},
{
"cve": "CVE-2025-38319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38319"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table\n\nThe function atomctrl_initialize_mc_reg_table() and\natomctrl_initialize_mc_reg_table_v2_2() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table()\nfails to retrieve vram_info, it returns NULL which is later\ndereferenced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38319",
"url": "https://www.suse.com/security/cve/CVE-2025-38319"
},
{
"category": "external",
"summary": "SUSE Bug 1246243 for CVE-2025-38319",
"url": "https://bugzilla.suse.com/1246243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38319"
},
{
"cve": "CVE-2025-38323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38323"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: add lec_mutex\n\nsyzbot found its way in net/atm/lec.c, and found an error path\nin lecd_attach() could leave a dangling pointer in dev_lec[].\n\nAdd a mutex to protect dev_lecp[] uses from lecd_attach(),\nlec_vcc_attach() and lec_mcast_attach().\n\nFollowing patch will use this mutex for /proc/net/atm/lec.\n\nBUG: KASAN: slab-use-after-free in lecd_attach net/atm/lec.c:751 [inline]\nBUG: KASAN: slab-use-after-free in lane_ioctl+0x2224/0x23e0 net/atm/lec.c:1008\nRead of size 8 at addr ffff88807c7b8e68 by task syz.1.17/6142\n\nCPU: 1 UID: 0 PID: 6142 Comm: syz.1.17 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xcd/0x680 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n lecd_attach net/atm/lec.c:751 [inline]\n lane_ioctl+0x2224/0x23e0 net/atm/lec.c:1008\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x118/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nAllocated by task 6132:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4328 [inline]\n __kvmalloc_node_noprof+0x27b/0x620 mm/slub.c:5015\n alloc_netdev_mqs+0xd2/0x1570 net/core/dev.c:11711\n lecd_attach net/atm/lec.c:737 [inline]\n lane_ioctl+0x17db/0x23e0 net/atm/lec.c:1008\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x118/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 6132:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x51/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2381 [inline]\n slab_free mm/slub.c:4643 [inline]\n kfree+0x2b4/0x4d0 mm/slub.c:4842\n free_netdev+0x6c5/0x910 net/core/dev.c:11892\n lecd_attach net/atm/lec.c:744 [inline]\n lane_ioctl+0x1ce8/0x23e0 net/atm/lec.c:1008\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x118/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38323",
"url": "https://www.suse.com/security/cve/CVE-2025-38323"
},
{
"category": "external",
"summary": "SUSE Bug 1246473 for CVE-2025-38323",
"url": "https://bugzilla.suse.com/1246473"
},
{
"category": "external",
"summary": "SUSE Bug 1246525 for CVE-2025-38323",
"url": "https://bugzilla.suse.com/1246525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38323"
},
{
"cve": "CVE-2025-38326",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38326"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: clean device rq_list in aoedev_downdev()\n\nAn aoe device\u0027s rq_list contains accepted block requests that are\nwaiting to be transmitted to the aoe target. This queue was added as\npart of the conversion to blk_mq. However, the queue was not cleaned out\nwhen an aoe device is downed which caused blk_mq_freeze_queue() to sleep\nindefinitely waiting for those requests to complete, causing a hang. This\nfix cleans out the queue before calling blk_mq_freeze_queue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38326",
"url": "https://www.suse.com/security/cve/CVE-2025-38326"
},
{
"category": "external",
"summary": "SUSE Bug 1246490 for CVE-2025-38326",
"url": "https://bugzilla.suse.com/1246490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38326"
},
{
"cve": "CVE-2025-38328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: check jffs2_prealloc_raw_node_refs() result in few other places\n\nFuzzing hit another invalid pointer dereference due to the lack of\nchecking whether jffs2_prealloc_raw_node_refs() completed successfully.\nSubsequent logic implies that the node refs have been allocated.\n\nHandle that. The code is ready for propagating the error upwards.\n\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 PID: 5835 Comm: syz-executor145 Not tainted 5.10.234-syzkaller #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:jffs2_link_node_ref+0xac/0x690 fs/jffs2/nodelist.c:600\nCall Trace:\n jffs2_mark_erased_block fs/jffs2/erase.c:460 [inline]\n jffs2_erase_pending_blocks+0x688/0x1860 fs/jffs2/erase.c:118\n jffs2_garbage_collect_pass+0x638/0x1a00 fs/jffs2/gc.c:253\n jffs2_reserve_space+0x3f4/0xad0 fs/jffs2/nodemgmt.c:167\n jffs2_write_inode_range+0x246/0xb50 fs/jffs2/write.c:362\n jffs2_write_end+0x712/0x1110 fs/jffs2/file.c:302\n generic_perform_write+0x2c2/0x500 mm/filemap.c:3347\n __generic_file_write_iter+0x252/0x610 mm/filemap.c:3465\n generic_file_write_iter+0xdb/0x230 mm/filemap.c:3497\n call_write_iter include/linux/fs.h:2039 [inline]\n do_iter_readv_writev+0x46d/0x750 fs/read_write.c:740\n do_iter_write+0x18c/0x710 fs/read_write.c:866\n vfs_writev+0x1db/0x6a0 fs/read_write.c:939\n do_pwritev fs/read_write.c:1036 [inline]\n __do_sys_pwritev fs/read_write.c:1083 [inline]\n __se_sys_pwritev fs/read_write.c:1078 [inline]\n __x64_sys_pwritev+0x235/0x310 fs/read_write.c:1078\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38328",
"url": "https://www.suse.com/security/cve/CVE-2025-38328"
},
{
"category": "external",
"summary": "SUSE Bug 1246249 for CVE-2025-38328",
"url": "https://bugzilla.suse.com/1246249"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38328"
},
{
"cve": "CVE-2025-38332",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38332"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Use memcpy() for BIOS version\n\nThe strlcat() with FORTIFY support is triggering a panic because it\nthinks the target buffer will overflow although the correct target\nbuffer size is passed in.\n\nAnyway, instead of memset() with 0 followed by a strlcat(), just use\nmemcpy() and ensure that the resulting buffer is NULL terminated.\n\nBIOSVersion is only used for the lpfc_printf_log() which expects a\nproperly terminated string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38332",
"url": "https://www.suse.com/security/cve/CVE-2025-38332"
},
{
"category": "external",
"summary": "SUSE Bug 1246375 for CVE-2025-38332",
"url": "https://bugzilla.suse.com/1246375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38332"
},
{
"cve": "CVE-2025-38334",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38334"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sgx: Prevent attempts to reclaim poisoned pages\n\nTL;DR: SGX page reclaim touches the page to copy its contents to\nsecondary storage. SGX instructions do not gracefully handle machine\nchecks. Despite this, the existing SGX code will try to reclaim pages\nthat it _knows_ are poisoned. Avoid even trying to reclaim poisoned pages.\n\nThe longer story:\n\nPages used by an enclave only get epc_page-\u003epoison set in\narch_memory_failure() but they currently stay on sgx_active_page_list until\nsgx_encl_release(), with the SGX_EPC_PAGE_RECLAIMER_TRACKED flag untouched.\n\nepc_page-\u003epoison is not checked in the reclaimer logic meaning that, if other\nconditions are met, an attempt will be made to reclaim an EPC page that was\npoisoned. This is bad because 1. we don\u0027t want that page to end up added\nto another enclave and 2. it is likely to cause one core to shut down\nand the kernel to panic.\n\nSpecifically, reclaiming uses microcode operations including \"EWB\" which\naccesses the EPC page contents to encrypt and write them out to non-SGX\nmemory. Those operations cannot handle MCEs in their accesses other than\nby putting the executing core into a special shutdown state (affecting\nboth threads with HT.) The kernel will subsequently panic on the\nremaining cores seeing the core didn\u0027t enter MCE handler(s) in time.\n\nCall sgx_unmark_page_reclaimable() to remove the affected EPC page from\nsgx_active_page_list on memory error to stop it being considered for\nreclaiming.\n\nTesting epc_page-\u003epoison in sgx_reclaim_pages() would also work but I assume\nit\u0027s better to add code in the less likely paths.\n\nThe affected EPC page is not added to \u0026node-\u003esgx_poison_page_list until\nlater in sgx_encl_release()-\u003esgx_free_epc_page() when it is EREMOVEd.\nMembership on other lists doesn\u0027t change to avoid changing any of the\nlists\u0027 semantics except for sgx_active_page_list. There\u0027s a \"TBD\" comment\nin arch_memory_failure() about pre-emptive actions, the goal here is not\nto address everything that it may imply.\n\nThis also doesn\u0027t completely close the time window when a memory error\nnotification will be fatal (for a not previously poisoned EPC page) --\nthe MCE can happen after sgx_reclaim_pages() has selected its candidates\nor even *inside* a microcode operation (actually easy to trigger due to\nthe amount of time spent in them.)\n\nThe spinlock in sgx_unmark_page_reclaimable() is safe because\nmemory_failure() runs in process context and no spinlocks are held,\nexplicitly noted in a mm/memory-failure.c comment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38334",
"url": "https://www.suse.com/security/cve/CVE-2025-38334"
},
{
"category": "external",
"summary": "SUSE Bug 1246384 for CVE-2025-38334",
"url": "https://bugzilla.suse.com/1246384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38334"
},
{
"cve": "CVE-2025-38335",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38335"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: gpio-keys - fix a sleep while atomic with PREEMPT_RT\n\nWhen enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in\nhard irq context, but the input_event() takes a spin_lock, which isn\u0027t\nallowed there as it is converted to a rt_spin_lock().\n\n[ 4054.289999] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 4054.290028] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/0\n...\n[ 4054.290195] __might_resched+0x13c/0x1f4\n[ 4054.290209] rt_spin_lock+0x54/0x11c\n[ 4054.290219] input_event+0x48/0x80\n[ 4054.290230] gpio_keys_irq_timer+0x4c/0x78\n[ 4054.290243] __hrtimer_run_queues+0x1a4/0x438\n[ 4054.290257] hrtimer_interrupt+0xe4/0x240\n[ 4054.290269] arch_timer_handler_phys+0x2c/0x44\n[ 4054.290283] handle_percpu_devid_irq+0x8c/0x14c\n[ 4054.290297] handle_irq_desc+0x40/0x58\n[ 4054.290307] generic_handle_domain_irq+0x1c/0x28\n[ 4054.290316] gic_handle_irq+0x44/0xcc\n\nConsidering the gpio_keys_irq_isr() can run in any context, e.g. it can\nbe threaded, it seems there\u0027s no point in requesting the timer isr to\nrun in hard irq context.\n\nRelax the hrtimer not to use the hard context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38335",
"url": "https://www.suse.com/security/cve/CVE-2025-38335"
},
{
"category": "external",
"summary": "SUSE Bug 1246250 for CVE-2025-38335",
"url": "https://bugzilla.suse.com/1246250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38335"
},
{
"cve": "CVE-2025-38336",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38336"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330\n\nThe controller has a hardware bug that can hard hang the system when\ndoing ATAPI DMAs without any trace of what happened. Depending on the\ndevice attached, it can also prevent the system from booting.\n\nIn this case, the system hangs when reading the ATIP from optical media\nwith cdrecord -vvv -atip on an _NEC DVD_RW ND-4571A 1-01 and an\nOptiarc DVD RW AD-7200A 1.06 attached to an ASRock 990FX Extreme 4,\nrunning at UDMA/33.\n\nThe issue can be reproduced by running the same command with a cygwin\nbuild of cdrecord on WinXP, although it requires more attempts to cause\nit. The hang in that case is also resolved by forcing PIO. It doesn\u0027t\nappear that VIA has produced any drivers for that OS, thus no known\nworkaround exists.\n\nHDDs attached to the controller do not suffer from any DMA issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38336",
"url": "https://www.suse.com/security/cve/CVE-2025-38336"
},
{
"category": "external",
"summary": "SUSE Bug 1246370 for CVE-2025-38336",
"url": "https://bugzilla.suse.com/1246370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38336"
},
{
"cve": "CVE-2025-38337",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38337"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()\n\nSince handle-\u003eh_transaction may be a NULL pointer, so we should change it\nto call is_handle_aborted(handle) first before dereferencing it.\n\nAnd the following data-race was reported in my fuzzer:\n\n==================================================================\nBUG: KCSAN: data-race in jbd2_journal_dirty_metadata / jbd2_journal_dirty_metadata\n\nwrite to 0xffff888011024104 of 4 bytes by task 10881 on cpu 1:\n jbd2_journal_dirty_metadata+0x2a5/0x770 fs/jbd2/transaction.c:1556\n __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358\n ext4_do_update_inode fs/ext4/inode.c:5220 [inline]\n ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869\n __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074\n ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103\n....\n\nread to 0xffff888011024104 of 4 bytes by task 10880 on cpu 0:\n jbd2_journal_dirty_metadata+0xf2/0x770 fs/jbd2/transaction.c:1512\n __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358\n ext4_do_update_inode fs/ext4/inode.c:5220 [inline]\n ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869\n __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074\n ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103\n....\n\nvalue changed: 0x00000000 -\u003e 0x00000001\n==================================================================\n\nThis issue is caused by missing data-race annotation for jh-\u003eb_modified.\nTherefore, the missing annotation needs to be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38337",
"url": "https://www.suse.com/security/cve/CVE-2025-38337"
},
{
"category": "external",
"summary": "SUSE Bug 1246253 for CVE-2025-38337",
"url": "https://bugzilla.suse.com/1246253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38337"
},
{
"cve": "CVE-2025-38338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38338"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()\n\nSometimes, when a file was read while it was being truncated by\nanother NFS client, the kernel could deadlock because folio_unlock()\nwas called twice, and the second call would XOR back the `PG_locked`\nflag.\n\nMost of the time (depending on the timing of the truncation), nobody\nnotices the problem because folio_unlock() gets called three times,\nwhich flips `PG_locked` back off:\n\n 1. vfs_read, nfs_read_folio, ... nfs_read_add_folio,\n nfs_return_empty_folio\n 2. vfs_read, nfs_read_folio, ... netfs_read_collection,\n netfs_unlock_abandoned_read_pages\n 3. vfs_read, ... nfs_do_read_folio, nfs_read_add_folio,\n nfs_return_empty_folio\n\nThe problem is that nfs_read_add_folio() is not supposed to unlock the\nfolio if fscache is enabled, and a nfs_netfs_folio_unlock() check is\nmissing in nfs_return_empty_folio().\n\nRarely this leads to a warning in netfs_read_collection():\n\n ------------[ cut here ]------------\n R=0000031c: folio 10 is not locked\n WARNING: CPU: 0 PID: 29 at fs/netfs/read_collect.c:133 netfs_read_collection+0x7c0/0xf00\n [...]\n Workqueue: events_unbound netfs_read_collection_worker\n RIP: 0010:netfs_read_collection+0x7c0/0xf00\n [...]\n Call Trace:\n \u003cTASK\u003e\n netfs_read_collection_worker+0x67/0x80\n process_one_work+0x12e/0x2c0\n worker_thread+0x295/0x3a0\n\nMost of the time, however, processes just get stuck forever in\nfolio_wait_bit_common(), waiting for `PG_locked` to disappear, which\nnever happens because nobody is really holding the folio lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38338",
"url": "https://www.suse.com/security/cve/CVE-2025-38338"
},
{
"category": "external",
"summary": "SUSE Bug 1246258 for CVE-2025-38338",
"url": "https://bugzilla.suse.com/1246258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38338"
},
{
"cve": "CVE-2025-38342",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38342"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoftware node: Correct a OOB check in software_node_get_reference_args()\n\nsoftware_node_get_reference_args() wants to get @index-th element, so\nthe property value requires at least \u0027(index + 1) * sizeof(*ref)\u0027 bytes\nbut that can not be guaranteed by current OOB check, and may cause OOB\nfor malformed property.\n\nFix by using as OOB check \u0027((index + 1) * sizeof(*ref) \u003e prop-\u003elength)\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38342",
"url": "https://www.suse.com/security/cve/CVE-2025-38342"
},
{
"category": "external",
"summary": "SUSE Bug 1246453 for CVE-2025-38342",
"url": "https://bugzilla.suse.com/1246453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38342"
},
{
"cve": "CVE-2025-38343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38343"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: drop fragments with multicast or broadcast RA\n\nIEEE 802.11 fragmentation can only be applied to unicast frames.\nTherefore, drop fragments with multicast or broadcast RA. This patch\naddresses vulnerabilities such as CVE-2020-26145.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38343",
"url": "https://www.suse.com/security/cve/CVE-2025-38343"
},
{
"category": "external",
"summary": "SUSE Bug 1246438 for CVE-2025-38343",
"url": "https://bugzilla.suse.com/1246438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38343"
},
{
"cve": "CVE-2025-38344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38344"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: fix acpi parse and parseext cache leaks\n\nACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5\n\nI\u0027m Seunghun Han, and I work for National Security Research Institute of\nSouth Korea.\n\nI have been doing a research on ACPI and found an ACPI cache leak in ACPI\nearly abort cases.\n\nBoot log of ACPI cache leak is as follows:\n[ 0.352414] ACPI: Added _OSI(Module Device)\n[ 0.353182] ACPI: Added _OSI(Processor Device)\n[ 0.353182] ACPI: Added _OSI(3.0 _SCP Extensions)\n[ 0.353182] ACPI: Added _OSI(Processor Aggregator Device)\n[ 0.356028] ACPI: Unable to start the ACPI Interpreter\n[ 0.356799] ACPI Error: Could not remove SCI handler (20170303/evmisc-281)\n[ 0.360215] kmem_cache_destroy Acpi-State: Slab cache still has objects\n[ 0.360648] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G W\n4.12.0-rc4-next-20170608+ #10\n[ 0.361273] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS\nvirtual_box 12/01/2006\n[ 0.361873] Call Trace:\n[ 0.362243] ? dump_stack+0x5c/0x81\n[ 0.362591] ? kmem_cache_destroy+0x1aa/0x1c0\n[ 0.362944] ? acpi_sleep_proc_init+0x27/0x27\n[ 0.363296] ? acpi_os_delete_cache+0xa/0x10\n[ 0.363646] ? acpi_ut_delete_caches+0x6d/0x7b\n[ 0.364000] ? acpi_terminate+0xa/0x14\n[ 0.364000] ? acpi_init+0x2af/0x34f\n[ 0.364000] ? __class_create+0x4c/0x80\n[ 0.364000] ? video_setup+0x7f/0x7f\n[ 0.364000] ? acpi_sleep_proc_init+0x27/0x27\n[ 0.364000] ? do_one_initcall+0x4e/0x1a0\n[ 0.364000] ? kernel_init_freeable+0x189/0x20a\n[ 0.364000] ? rest_init+0xc0/0xc0\n[ 0.364000] ? kernel_init+0xa/0x100\n[ 0.364000] ? ret_from_fork+0x25/0x30\n\nI analyzed this memory leak in detail. I found that \"Acpi-State\" cache and\n\"Acpi-Parse\" cache were merged because the size of cache objects was same\nslab cache size.\n\nI finally found \"Acpi-Parse\" cache and \"Acpi-parse_ext\" cache were leaked\nusing SLAB_NEVER_MERGE flag in kmem_cache_create() function.\n\nReal ACPI cache leak point is as follows:\n[ 0.360101] ACPI: Added _OSI(Module Device)\n[ 0.360101] ACPI: Added _OSI(Processor Device)\n[ 0.360101] ACPI: Added _OSI(3.0 _SCP Extensions)\n[ 0.361043] ACPI: Added _OSI(Processor Aggregator Device)\n[ 0.364016] ACPI: Unable to start the ACPI Interpreter\n[ 0.365061] ACPI Error: Could not remove SCI handler (20170303/evmisc-281)\n[ 0.368174] kmem_cache_destroy Acpi-Parse: Slab cache still has objects\n[ 0.369332] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W\n4.12.0-rc4-next-20170608+ #8\n[ 0.371256] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS\nvirtual_box 12/01/2006\n[ 0.372000] Call Trace:\n[ 0.372000] ? dump_stack+0x5c/0x81\n[ 0.372000] ? kmem_cache_destroy+0x1aa/0x1c0\n[ 0.372000] ? acpi_sleep_proc_init+0x27/0x27\n[ 0.372000] ? acpi_os_delete_cache+0xa/0x10\n[ 0.372000] ? acpi_ut_delete_caches+0x56/0x7b\n[ 0.372000] ? acpi_terminate+0xa/0x14\n[ 0.372000] ? acpi_init+0x2af/0x34f\n[ 0.372000] ? __class_create+0x4c/0x80\n[ 0.372000] ? video_setup+0x7f/0x7f\n[ 0.372000] ? acpi_sleep_proc_init+0x27/0x27\n[ 0.372000] ? do_one_initcall+0x4e/0x1a0\n[ 0.372000] ? kernel_init_freeable+0x189/0x20a\n[ 0.372000] ? rest_init+0xc0/0xc0\n[ 0.372000] ? kernel_init+0xa/0x100\n[ 0.372000] ? ret_from_fork+0x25/0x30\n[ 0.388039] kmem_cache_destroy Acpi-parse_ext: Slab cache still has objects\n[ 0.389063] CPU: 1 PID: 1 Comm: swapper/0 Tainted: G W\n4.12.0-rc4-next-20170608+ #8\n[ 0.390557] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS\nvirtual_box 12/01/2006\n[ 0.392000] Call Trace:\n[ 0.392000] ? dump_stack+0x5c/0x81\n[ 0.392000] ? kmem_cache_destroy+0x1aa/0x1c0\n[ 0.392000] ? acpi_sleep_proc_init+0x27/0x27\n[ 0.392000] ? acpi_os_delete_cache+0xa/0x10\n[ 0.392000] ? acpi_ut_delete_caches+0x6d/0x7b\n[ 0.392000] ? acpi_terminate+0xa/0x14\n[ 0.392000] ? acpi_init+0x2af/0x3\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38344",
"url": "https://www.suse.com/security/cve/CVE-2025-38344"
},
{
"category": "external",
"summary": "SUSE Bug 1246334 for CVE-2025-38344",
"url": "https://bugzilla.suse.com/1246334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38344"
},
{
"cve": "CVE-2025-38345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: fix acpi operand cache leak in dswstate.c\n\nACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732\n\nI found an ACPI cache leak in ACPI early termination and boot continuing case.\n\nWhen early termination occurs due to malicious ACPI table, Linux kernel\nterminates ACPI function and continues to boot process. While kernel terminates\nACPI function, kmem_cache_destroy() reports Acpi-Operand cache leak.\n\nBoot log of ACPI operand cache leak is as follows:\n\u003e[ 0.585957] ACPI: Added _OSI(Module Device)\n\u003e[ 0.587218] ACPI: Added _OSI(Processor Device)\n\u003e[ 0.588530] ACPI: Added _OSI(3.0 _SCP Extensions)\n\u003e[ 0.589790] ACPI: Added _OSI(Processor Aggregator Device)\n\u003e[ 0.591534] ACPI Error: Illegal I/O port address/length above 64K: C806E00000004002/0x2 (20170303/hwvalid-155)\n\u003e[ 0.594351] ACPI Exception: AE_LIMIT, Unable to initialize fixed events (20170303/evevent-88)\n\u003e[ 0.597858] ACPI: Unable to start the ACPI Interpreter\n\u003e[ 0.599162] ACPI Error: Could not remove SCI handler (20170303/evmisc-281)\n\u003e[ 0.601836] kmem_cache_destroy Acpi-Operand: Slab cache still has objects\n\u003e[ 0.603556] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.12.0-rc5 #26\n\u003e[ 0.605159] Hardware name: innotek gmb_h virtual_box/virtual_box, BIOS virtual_box 12/01/2006\n\u003e[ 0.609177] Call Trace:\n\u003e[ 0.610063] ? dump_stack+0x5c/0x81\n\u003e[ 0.611118] ? kmem_cache_destroy+0x1aa/0x1c0\n\u003e[ 0.612632] ? acpi_sleep_proc_init+0x27/0x27\n\u003e[ 0.613906] ? acpi_os_delete_cache+0xa/0x10\n\u003e[ 0.617986] ? acpi_ut_delete_caches+0x3f/0x7b\n\u003e[ 0.619293] ? acpi_terminate+0xa/0x14\n\u003e[ 0.620394] ? acpi_init+0x2af/0x34f\n\u003e[ 0.621616] ? __class_create+0x4c/0x80\n\u003e[ 0.623412] ? video_setup+0x7f/0x7f\n\u003e[ 0.624585] ? acpi_sleep_proc_init+0x27/0x27\n\u003e[ 0.625861] ? do_one_initcall+0x4e/0x1a0\n\u003e[ 0.627513] ? kernel_init_freeable+0x19e/0x21f\n\u003e[ 0.628972] ? rest_init+0x80/0x80\n\u003e[ 0.630043] ? kernel_init+0xa/0x100\n\u003e[ 0.631084] ? ret_from_fork+0x25/0x30\n\u003e[ 0.633343] vgaarb: loaded\n\u003e[ 0.635036] EDAC MC: Ver: 3.0.0\n\u003e[ 0.638601] PCI: Probing PCI hardware\n\u003e[ 0.639833] PCI host bridge to bus 0000:00\n\u003e[ 0.641031] pci_bus 0000:00: root bus resource [io 0x0000-0xffff]\n\u003e ... Continue to boot and log is omitted ...\n\nI analyzed this memory leak in detail and found acpi_ds_obj_stack_pop_and_\ndelete() function miscalculated the top of the stack. acpi_ds_obj_stack_push()\nfunction uses walk_state-\u003eoperand_index for start position of the top, but\nacpi_ds_obj_stack_pop_and_delete() function considers index 0 for it.\nTherefore, this causes acpi operand memory leak.\n\nThis cache leak causes a security threat because an old kernel (\u003c= 4.9) shows\nmemory locations of kernel functions in stack dump. Some malicious users\ncould use this information to neutralize kernel ASLR.\n\nI made a patch to fix ACPI operand cache leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38345",
"url": "https://www.suse.com/security/cve/CVE-2025-38345"
},
{
"category": "external",
"summary": "SUSE Bug 1246337 for CVE-2025-38345",
"url": "https://bugzilla.suse.com/1246337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38345"
},
{
"cve": "CVE-2025-38348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38348"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()\n\nRobert Morris reported:\n\n|If a malicious USB device pretends to be an Intersil p54 wifi\n|interface and generates an eeprom_readback message with a large\n|eeprom-\u003ev1.len, p54_rx_eeprom_readback() will copy data from the\n|message beyond the end of priv-\u003eeeprom.\n|\n|static void p54_rx_eeprom_readback(struct p54_common *priv,\n| struct sk_buff *skb)\n|{\n| struct p54_hdr *hdr = (struct p54_hdr *) skb-\u003edata;\n| struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr-\u003edata;\n|\n| if (priv-\u003efw_var \u003e= 0x509) {\n| memcpy(priv-\u003eeeprom, eeprom-\u003ev2.data,\n| le16_to_cpu(eeprom-\u003ev2.len));\n| } else {\n| memcpy(priv-\u003eeeprom, eeprom-\u003ev1.data,\n| le16_to_cpu(eeprom-\u003ev1.len));\n| }\n| [...]\n\nThe eeprom-\u003ev{1,2}.len is set by the driver in p54_download_eeprom().\nThe device is supposed to provide the same length back to the driver.\nBut yes, it\u0027s possible (like shown in the report) to alter the value\nto something that causes a crash/panic due to overrun.\n\nThis patch addresses the issue by adding the size to the common device\ncontext, so p54_rx_eeprom_readback no longer relies on possibly tampered\nvalues... That said, it also checks if the \"firmware\" altered the value\nand no longer copies them.\n\nThe one, small saving grace is: Before the driver tries to read the eeprom,\nit needs to upload \u003ea\u003c firmware. the vendor firmware has a proprietary\nlicense and as a reason, it is not present on most distributions by\ndefault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38348",
"url": "https://www.suse.com/security/cve/CVE-2025-38348"
},
{
"category": "external",
"summary": "SUSE Bug 1246262 for CVE-2025-38348",
"url": "https://bugzilla.suse.com/1246262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38348"
},
{
"cve": "CVE-2025-38349",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38349"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: don\u0027t decrement ep refcount while still holding the ep mutex\n\nJann Horn points out that epoll is decrementing the ep refcount and then\ndoing a\n\n mutex_unlock(\u0026ep-\u003emtx);\n\nafterwards. That\u0027s very wrong, because it can lead to a use-after-free.\n\nThat pattern is actually fine for the very last reference, because the\ncode in question will delay the actual call to \"ep_free(ep)\" until after\nit has unlocked the mutex.\n\nBut it\u0027s wrong for the much subtler \"next to last\" case when somebody\n*else* may also be dropping their reference and free the ep while we\u0027re\nstill using the mutex.\n\nNote that this is true even if that other user is also using the same ep\nmutex: mutexes, unlike spinlocks, can not be used for object ownership,\neven if they guarantee mutual exclusion.\n\nA mutex \"unlock\" operation is not atomic, and as one user is still\naccessing the mutex as part of unlocking it, another user can come in\nand get the now released mutex and free the data structure while the\nfirst user is still cleaning up.\n\nSee our mutex documentation in Documentation/locking/mutex-design.rst,\nin particular the section [1] about semantics:\n\n\t\"mutex_unlock() may access the mutex structure even after it has\n\t internally released the lock already - so it\u0027s not safe for\n\t another context to acquire the mutex and assume that the\n\t mutex_unlock() context is not using the structure anymore\"\n\nSo if we drop our ep ref before the mutex unlock, but we weren\u0027t the\nlast one, we may then unlock the mutex, another user comes in, drops\n_their_ reference and releases the \u0027ep\u0027 as it now has no users - all\nwhile the mutex_unlock() is still accessing it.\n\nFix this by simply moving the ep refcount dropping to outside the mutex:\nthe refcount itself is atomic, and doesn\u0027t need mutex protection (that\u0027s\nthe whole _point_ of refcounts: unlike mutexes, they are inherently\nabout object lifetimes).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38349",
"url": "https://www.suse.com/security/cve/CVE-2025-38349"
},
{
"category": "external",
"summary": "SUSE Bug 1246777 for CVE-2025-38349",
"url": "https://bugzilla.suse.com/1246777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38349"
},
{
"cve": "CVE-2025-38350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38350"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Always pass notifications when child class becomes empty\n\nCertain classful qdiscs may invoke their classes\u0027 dequeue handler on an\nenqueue operation. This may unexpectedly empty the child qdisc and thus\nmake an in-flight class passive via qlen_notify(). Most qdiscs do not\nexpect such behaviour at this point in time and may re-activate the\nclass eventually anyways which will lead to a use-after-free.\n\nThe referenced fix commit attempted to fix this behavior for the HFSC\ncase by moving the backlog accounting around, though this turned out to\nbe incomplete since the parent\u0027s parent may run into the issue too.\nThe following reproducer demonstrates this use-after-free:\n\n tc qdisc add dev lo root handle 1: drr\n tc filter add dev lo parent 1: basic classid 1:1\n tc class add dev lo parent 1: classid 1:1 drr\n tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1\n tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0\n tc qdisc add dev lo parent 2:1 handle 3: netem\n tc qdisc add dev lo parent 3:1 handle 4: blackhole\n\n echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888\n tc class delete dev lo classid 1:1\n echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888\n\nSince backlog accounting issues leading to a use-after-frees on stale\nclass pointers is a recurring pattern at this point, this patch takes\na different approach. Instead of trying to fix the accounting, the patch\nensures that qdisc_tree_reduce_backlog always calls qlen_notify when\nthe child qdisc is empty. This solves the problem because deletion of\nqdiscs always involves a call to qdisc_reset() and / or\nqdisc_purge_queue() which ultimately resets its qlen to 0 thus causing\nthe following qdisc_tree_reduce_backlog() to report to the parent. Note\nthat this may call qlen_notify on passive classes multiple times. This\nis not a problem after the recent patch series that made all the\nclassful qdiscs qlen_notify() handlers idempotent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38350",
"url": "https://www.suse.com/security/cve/CVE-2025-38350"
},
{
"category": "external",
"summary": "SUSE Bug 1246781 for CVE-2025-38350",
"url": "https://bugzilla.suse.com/1246781"
},
{
"category": "external",
"summary": "SUSE Bug 1247043 for CVE-2025-38350",
"url": "https://bugzilla.suse.com/1247043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38350"
},
{
"cve": "CVE-2025-38352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()\n\nIf an exiting non-autoreaping task has already passed exit_notify() and\ncalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parent\nor debugger right after unlock_task_sighand().\n\nIf a concurrent posix_cpu_timer_del() runs at that moment, it won\u0027t be\nable to detect timer-\u003eit.cpu.firing != 0: cpu_timer_task_rcu() and/or\nlock_task_sighand() will fail.\n\nAdd the tsk-\u003eexit_state check into run_posix_cpu_timers() to fix this.\n\nThis fix is not needed if CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y, because\nexit_task_work() is called before exit_notify(). But the check still\nmakes sense, task_work_add(\u0026tsk-\u003eposix_cputimers_work.work) will fail\nanyway in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38352",
"url": "https://www.suse.com/security/cve/CVE-2025-38352"
},
{
"category": "external",
"summary": "SUSE Bug 1246911 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1246911"
},
{
"category": "external",
"summary": "SUSE Bug 1249205 for CVE-2025-38352",
"url": "https://bugzilla.suse.com/1249205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38352"
},
{
"cve": "CVE-2025-38354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gpu: Fix crash when throttling GPU immediately during boot\n\nThere is a small chance that the GPU is already hot during boot. In that\ncase, the call to of_devfreq_cooling_register() will immediately try to\napply devfreq cooling, as seen in the following crash:\n\n Unable to handle kernel paging request at virtual address 0000000000014110\n pc : a6xx_gpu_busy+0x1c/0x58 [msm]\n lr : msm_devfreq_get_dev_status+0xbc/0x140 [msm]\n Call trace:\n a6xx_gpu_busy+0x1c/0x58 [msm] (P)\n devfreq_simple_ondemand_func+0x3c/0x150\n devfreq_update_target+0x44/0xd8\n qos_max_notifier_call+0x30/0x84\n blocking_notifier_call_chain+0x6c/0xa0\n pm_qos_update_target+0xd0/0x110\n freq_qos_apply+0x3c/0x74\n apply_constraint+0x88/0x148\n __dev_pm_qos_update_request+0x7c/0xcc\n dev_pm_qos_update_request+0x38/0x5c\n devfreq_cooling_set_cur_state+0x98/0xf0\n __thermal_cdev_update+0x64/0xb4\n thermal_cdev_update+0x4c/0x58\n step_wise_manage+0x1f0/0x318\n __thermal_zone_device_update+0x278/0x424\n __thermal_cooling_device_register+0x2bc/0x308\n thermal_of_cooling_device_register+0x10/0x1c\n of_devfreq_cooling_register_power+0x240/0x2bc\n of_devfreq_cooling_register+0x14/0x20\n msm_devfreq_init+0xc4/0x1a0 [msm]\n msm_gpu_init+0x304/0x574 [msm]\n adreno_gpu_init+0x1c4/0x2e0 [msm]\n a6xx_gpu_init+0x5c8/0x9c8 [msm]\n adreno_bind+0x2a8/0x33c [msm]\n ...\n\nAt this point we haven\u0027t initialized the GMU at all yet, so we cannot read\nthe GMU registers inside a6xx_gpu_busy(). A similar issue was fixed before\nin commit 6694482a70e9 (\"drm/msm: Avoid unclocked GMU register access in\n6xx gpu_busy\"): msm_devfreq_init() does call devfreq_suspend_device(), but\nunlike msm_devfreq_suspend(), it doesn\u0027t set the df-\u003esuspended flag\naccordingly. This means the df-\u003esuspended flag does not match the actual\ndevfreq state after initialization and msm_devfreq_get_dev_status() will\nend up accessing GMU registers, causing the crash.\n\nFix this by setting df-\u003esuspended correctly during initialization.\n\nPatchwork: https://patchwork.freedesktop.org/patch/650772/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38354",
"url": "https://www.suse.com/security/cve/CVE-2025-38354"
},
{
"category": "external",
"summary": "SUSE Bug 1247061 for CVE-2025-38354",
"url": "https://bugzilla.suse.com/1247061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38354"
},
{
"cve": "CVE-2025-38362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null pointer check for get_first_active_display()\n\nThe function mod_hdcp_hdcp1_enable_encryption() calls the function\nget_first_active_display(), but does not check its return value.\nThe return value is a null pointer if the display list is empty.\nThis will lead to a null pointer dereference in\nmod_hdcp_hdcp2_enable_encryption().\n\nAdd a null pointer check for get_first_active_display() and return\nMOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38362",
"url": "https://www.suse.com/security/cve/CVE-2025-38362"
},
{
"category": "external",
"summary": "SUSE Bug 1247089 for CVE-2025-38362",
"url": "https://bugzilla.suse.com/1247089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38362"
},
{
"cve": "CVE-2025-38363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38363"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: Fix a possible null pointer dereference\n\nIn tegra_crtc_reset(), new memory is allocated with kzalloc(), but\nno check is performed. Before calling __drm_atomic_helper_crtc_reset,\nstate should be checked to prevent possible null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38363",
"url": "https://www.suse.com/security/cve/CVE-2025-38363"
},
{
"category": "external",
"summary": "SUSE Bug 1247018 for CVE-2025-38363",
"url": "https://bugzilla.suse.com/1247018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38363"
},
{
"cve": "CVE-2025-38364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38364"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmaple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate()\n\nTemporarily clear the preallocation flag when explicitly requesting\nallocations. Pre-existing allocations are already counted against the\nrequest through mas_node_count_gfp(), but the allocations will not happen\nif the MA_STATE_PREALLOC flag is set. This flag is meant to avoid\nre-allocating in bulk allocation mode, and to detect issues with\npreallocation calculations.\n\nThe MA_STATE_PREALLOC flag should also always be set on zero allocations\nso that detection of underflow allocations will print a WARN_ON() during\nconsumption.\n\nUser visible effect of this flaw is a WARN_ON() followed by a null pointer\ndereference when subsequent requests for larger number of nodes is\nignored, such as the vma merge retry in mmap_region() caused by drivers\naltering the vma flags (which happens in v6.6, at least)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38364",
"url": "https://www.suse.com/security/cve/CVE-2025-38364"
},
{
"category": "external",
"summary": "SUSE Bug 1247091 for CVE-2025-38364",
"url": "https://bugzilla.suse.com/1247091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38364"
},
{
"cve": "CVE-2025-38365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38365"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a race between renames and directory logging\n\nWe have a race between a rename and directory inode logging that if it\nhappens and we crash/power fail before the rename completes, the next time\nthe filesystem is mounted, the log replay code will end up deleting the\nfile that was being renamed.\n\nThis is best explained following a step by step analysis of an interleaving\nof steps that lead into this situation.\n\nConsider the initial conditions:\n\n1) We are at transaction N;\n\n2) We have directories A and B created in a past transaction (\u003c N);\n\n3) We have inode X corresponding to a file that has 2 hardlinks, one in\n directory A and the other in directory B, so we\u0027ll name them as\n \"A/foo_link1\" and \"B/foo_link2\". Both hard links were persisted in a\n past transaction (\u003c N);\n\n4) We have inode Y corresponding to a file that as a single hard link and\n is located in directory A, we\u0027ll name it as \"A/bar\". This file was also\n persisted in a past transaction (\u003c N).\n\nThe steps leading to a file loss are the following and for all of them we\nare under transaction N:\n\n 1) Link \"A/foo_link1\" is removed, so inode\u0027s X last_unlink_trans field\n is updated to N, through btrfs_unlink() -\u003e btrfs_record_unlink_dir();\n\n 2) Task A starts a rename for inode Y, with the goal of renaming from\n \"A/bar\" to \"A/baz\", so we enter btrfs_rename();\n\n 3) Task A inserts the new BTRFS_INODE_REF_KEY for inode Y by calling\n btrfs_insert_inode_ref();\n\n 4) Because the rename happens in the same directory, we don\u0027t set the\n last_unlink_trans field of directoty A\u0027s inode to the current\n transaction id, that is, we don\u0027t cal btrfs_record_unlink_dir();\n\n 5) Task A then removes the entries from directory A (BTRFS_DIR_ITEM_KEY\n and BTRFS_DIR_INDEX_KEY items) when calling __btrfs_unlink_inode()\n (actually the dir index item is added as a delayed item, but the\n effect is the same);\n\n 6) Now before task A adds the new entry \"A/baz\" to directory A by\n calling btrfs_add_link(), another task, task B is logging inode X;\n\n 7) Task B starts a fsync of inode X and after logging inode X, at\n btrfs_log_inode_parent() it calls btrfs_log_all_parents(), since\n inode X has a last_unlink_trans value of N, set at in step 1;\n\n 8) At btrfs_log_all_parents() we search for all parent directories of\n inode X using the commit root, so we find directories A and B and log\n them. Bu when logging direct A, we don\u0027t have a dir index item for\n inode Y anymore, neither the old name \"A/bar\" nor for the new name\n \"A/baz\" since the rename has deleted the old name but has not yet\n inserted the new name - task A hasn\u0027t called yet btrfs_add_link() to\n do that.\n\n Note that logging directory A doesn\u0027t fallback to a transaction\n commit because its last_unlink_trans has a lower value than the\n current transaction\u0027s id (see step 4);\n\n 9) Task B finishes logging directories A and B and gets back to\n btrfs_sync_file() where it calls btrfs_sync_log() to persist the log\n tree;\n\n10) Task B successfully persisted the log tree, btrfs_sync_log() completed\n with success, and a power failure happened.\n\n We have a log tree without any directory entry for inode Y, so the\n log replay code deletes the entry for inode Y, name \"A/bar\", from the\n subvolume tree since it doesn\u0027t exist in the log tree and the log\n tree is authorative for its index (we logged a BTRFS_DIR_LOG_INDEX_KEY\n item that covers the index range for the dentry that corresponds to\n \"A/bar\").\n\n Since there\u0027s no other hard link for inode Y and the log replay code\n deletes the name \"A/bar\", the file is lost.\n\nThe issue wouldn\u0027t happen if task B synced the log only after task A\ncalled btrfs_log_new_name(), which would update the log with the new name\nfor inode Y (\"A/bar\").\n\nFix this by pinning the log root during renames before removing the old\ndirectory entry, and unpinning af\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38365",
"url": "https://www.suse.com/security/cve/CVE-2025-38365"
},
{
"category": "external",
"summary": "SUSE Bug 1247023 for CVE-2025-38365",
"url": "https://bugzilla.suse.com/1247023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38365"
},
{
"cve": "CVE-2025-38369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38369"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using\n\nRunning IDXD workloads in a container with the /dev directory mounted can\ntrigger a call trace or even a kernel panic when the parent process of the\ncontainer is terminated.\n\nThis issue occurs because, under certain configurations, Docker does not\nproperly propagate the mount replica back to the original mount point.\n\nIn this case, when the user driver detaches, the WQ is destroyed but it\nstill calls destroy_workqueue() attempting to completes all pending work.\nIt\u0027s necessary to check wq-\u003ewq and skip the drain if it no longer exists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38369",
"url": "https://www.suse.com/security/cve/CVE-2025-38369"
},
{
"category": "external",
"summary": "SUSE Bug 1247209 for CVE-2025-38369",
"url": "https://bugzilla.suse.com/1247209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38369"
},
{
"cve": "CVE-2025-38371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38371"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Disable interrupts before resetting the GPU\n\nCurrently, an interrupt can be triggered during a GPU reset, which can\nlead to GPU hangs and NULL pointer dereference in an interrupt context\nas shown in the following trace:\n\n [ 314.035040] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n [ 314.043822] Mem abort info:\n [ 314.046606] ESR = 0x0000000096000005\n [ 314.050347] EC = 0x25: DABT (current EL), IL = 32 bits\n [ 314.055651] SET = 0, FnV = 0\n [ 314.058695] EA = 0, S1PTW = 0\n [ 314.061826] FSC = 0x05: level 1 translation fault\n [ 314.066694] Data abort info:\n [ 314.069564] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n [ 314.075039] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n [ 314.080080] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [ 314.085382] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000102728000\n [ 314.091814] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n [ 314.100511] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n [ 314.106770] Modules linked in: v3d i2c_brcmstb vc4 snd_soc_hdmi_codec gpu_sched drm_shmem_helper drm_display_helper cec drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks snd_soc_core snd_compress snd_pcm_dmaengine snd_pcm snd_timer snd backlight\n [ 314.129654] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.25+rpt-rpi-v8 #1 Debian 1:6.12.25-1+rpt1\n [ 314.139388] Hardware name: Raspberry Pi 4 Model B Rev 1.4 (DT)\n [ 314.145211] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n [ 314.152165] pc : v3d_irq+0xec/0x2e0 [v3d]\n [ 314.156187] lr : v3d_irq+0xe0/0x2e0 [v3d]\n [ 314.160198] sp : ffffffc080003ea0\n [ 314.163502] x29: ffffffc080003ea0 x28: ffffffec1f184980 x27: 021202b000000000\n [ 314.170633] x26: ffffffec1f17f630 x25: ffffff8101372000 x24: ffffffec1f17d9f0\n [ 314.177764] x23: 000000000000002a x22: 000000000000002a x21: ffffff8103252000\n [ 314.184895] x20: 0000000000000001 x19: 00000000deadbeef x18: 0000000000000000\n [ 314.192026] x17: ffffff94e51d2000 x16: ffffffec1dac3cb0 x15: c306000000000000\n [ 314.199156] x14: 0000000000000000 x13: b2fc982e03cc5168 x12: 0000000000000001\n [ 314.206286] x11: ffffff8103f8bcc0 x10: ffffffec1f196868 x9 : ffffffec1dac3874\n [ 314.213416] x8 : 0000000000000000 x7 : 0000000000042a3a x6 : ffffff810017a180\n [ 314.220547] x5 : ffffffec1ebad400 x4 : ffffffec1ebad320 x3 : 00000000000bebeb\n [ 314.227677] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n [ 314.234807] Call trace:\n [ 314.237243] v3d_irq+0xec/0x2e0 [v3d]\n [ 314.240906] __handle_irq_event_percpu+0x58/0x218\n [ 314.245609] handle_irq_event+0x54/0xb8\n [ 314.249439] handle_fasteoi_irq+0xac/0x240\n [ 314.253527] handle_irq_desc+0x48/0x68\n [ 314.257269] generic_handle_domain_irq+0x24/0x38\n [ 314.261879] gic_handle_irq+0x48/0xd8\n [ 314.265533] call_on_irq_stack+0x24/0x58\n [ 314.269448] do_interrupt_handler+0x88/0x98\n [ 314.273624] el1_interrupt+0x34/0x68\n [ 314.277193] el1h_64_irq_handler+0x18/0x28\n [ 314.281281] el1h_64_irq+0x64/0x68\n [ 314.284673] default_idle_call+0x3c/0x168\n [ 314.288675] do_idle+0x1fc/0x230\n [ 314.291895] cpu_startup_entry+0x3c/0x50\n [ 314.295810] rest_init+0xe4/0xf0\n [ 314.299030] start_kernel+0x5e8/0x790\n [ 314.302684] __primary_switched+0x80/0x90\n [ 314.306691] Code: 940029eb 360ffc13 f9442ea0 52800001 (f9406017)\n [ 314.312775] ---[ end trace 0000000000000000 ]---\n [ 314.317384] Kernel panic - not syncing: Oops: Fatal exception in interrupt\n [ 314.324249] SMP: stopping secondary CPUs\n [ 314.328167] Kernel Offset: 0x2b9da00000 from 0xffffffc080000000\n [ 314.334076] PHYS_OFFSET: 0x0\n [ 314.336946] CPU features: 0x08,00002013,c0200000,0200421b\n [ 314.342337] Memory Limit: none\n [ 314.345382] ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nBefore resetting the G\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38371",
"url": "https://www.suse.com/security/cve/CVE-2025-38371"
},
{
"category": "external",
"summary": "SUSE Bug 1247178 for CVE-2025-38371",
"url": "https://bugzilla.suse.com/1247178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38371"
},
{
"cve": "CVE-2025-38373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38373"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix potential deadlock in MR deregistration\n\nThe issue arises when kzalloc() is invoked while holding umem_mutex or\nany other lock acquired under umem_mutex. This is problematic because\nkzalloc() can trigger fs_reclaim_aqcuire(), which may, in turn, invoke\nmmu_notifier_invalidate_range_start(). This function can lead to\nmlx5_ib_invalidate_range(), which attempts to acquire umem_mutex again,\nresulting in a deadlock.\n\nThe problematic flow:\n CPU0 | CPU1\n---------------------------------------|------------------------------------------------\nmlx5_ib_dereg_mr() |\n -\u003e revoke_mr() |\n -\u003e mutex_lock(\u0026umem_odp-\u003eumem_mutex) |\n | mlx5_mkey_cache_init()\n | -\u003e mutex_lock(\u0026dev-\u003ecache.rb_lock)\n | -\u003e mlx5r_cache_create_ent_locked()\n | -\u003e kzalloc(GFP_KERNEL)\n | -\u003e fs_reclaim()\n | -\u003e mmu_notifier_invalidate_range_start()\n | -\u003e mlx5_ib_invalidate_range()\n | -\u003e mutex_lock(\u0026umem_odp-\u003eumem_mutex)\n -\u003e cache_ent_find_and_store() |\n -\u003e mutex_lock(\u0026dev-\u003ecache.rb_lock) |\n\nAdditionally, when kzalloc() is called from within\ncache_ent_find_and_store(), we encounter the same deadlock due to\nre-acquisition of umem_mutex.\n\nSolve by releasing umem_mutex in dereg_mr() after umr_revoke_mr()\nand before acquiring rb_lock. This ensures that we don\u0027t hold\numem_mutex while performing memory allocations that could trigger\nthe reclaim path.\n\nThis change prevents the deadlock by ensuring proper lock ordering and\navoiding holding locks during memory allocation operations that could\ntrigger the reclaim path.\n\nThe following lockdep warning demonstrates the deadlock:\n\n python3/20557 is trying to acquire lock:\n ffff888387542128 (\u0026umem_odp-\u003eumem_mutex){+.+.}-{4:4}, at:\n mlx5_ib_invalidate_range+0x5b/0x550 [mlx5_ib]\n\n but task is already holding lock:\n ffffffff82f6b840 (mmu_notifier_invalidate_range_start){+.+.}-{0:0}, at:\n unmap_vmas+0x7b/0x1a0\n\n which lock already depends on the new lock.\n\n the existing dependency chain (in reverse order) is:\n\n -\u003e #3 (mmu_notifier_invalidate_range_start){+.+.}-{0:0}:\n fs_reclaim_acquire+0x60/0xd0\n mem_cgroup_css_alloc+0x6f/0x9b0\n cgroup_init_subsys+0xa4/0x240\n cgroup_init+0x1c8/0x510\n start_kernel+0x747/0x760\n x86_64_start_reservations+0x25/0x30\n x86_64_start_kernel+0x73/0x80\n common_startup_64+0x129/0x138\n\n -\u003e #2 (fs_reclaim){+.+.}-{0:0}:\n fs_reclaim_acquire+0x91/0xd0\n __kmalloc_cache_noprof+0x4d/0x4c0\n mlx5r_cache_create_ent_locked+0x75/0x620 [mlx5_ib]\n mlx5_mkey_cache_init+0x186/0x360 [mlx5_ib]\n mlx5_ib_stage_post_ib_reg_umr_init+0x3c/0x60 [mlx5_ib]\n __mlx5_ib_add+0x4b/0x190 [mlx5_ib]\n mlx5r_probe+0xd9/0x320 [mlx5_ib]\n auxiliary_bus_probe+0x42/0x70\n really_probe+0xdb/0x360\n __driver_probe_device+0x8f/0x130\n driver_probe_device+0x1f/0xb0\n __driver_attach+0xd4/0x1f0\n bus_for_each_dev+0x79/0xd0\n bus_add_driver+0xf0/0x200\n driver_register+0x6e/0xc0\n __auxiliary_driver_register+0x6a/0xc0\n do_one_initcall+0x5e/0x390\n do_init_module+0x88/0x240\n init_module_from_file+0x85/0xc0\n idempotent_init_module+0x104/0x300\n __x64_sys_finit_module+0x68/0xc0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n -\u003e #1 (\u0026dev-\u003ecache.rb_lock){+.+.}-{4:4}:\n __mutex_lock+0x98/0xf10\n __mlx5_ib_dereg_mr+0x6f2/0x890 [mlx5_ib]\n mlx5_ib_dereg_mr+0x21/0x110 [mlx5_ib]\n ib_dereg_mr_user+0x85/0x1f0 [ib_core]\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38373",
"url": "https://www.suse.com/security/cve/CVE-2025-38373"
},
{
"category": "external",
"summary": "SUSE Bug 1247033 for CVE-2025-38373",
"url": "https://bugzilla.suse.com/1247033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38373"
},
{
"cve": "CVE-2025-38375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38375"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38375",
"url": "https://www.suse.com/security/cve/CVE-2025-38375"
},
{
"category": "external",
"summary": "SUSE Bug 1247177 for CVE-2025-38375",
"url": "https://bugzilla.suse.com/1247177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38375"
},
{
"cve": "CVE-2025-38376",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38376"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: chipidea: udc: disconnect/reconnect from host when do suspend/resume\n\nShawn and John reported a hang issue during system suspend as below:\n\n - USB gadget is enabled as Ethernet\n - There is data transfer over USB Ethernet (scp a big file between host\n and device)\n - Device is going in/out suspend (echo mem \u003e /sys/power/state)\n\nThe root cause is the USB device controller is suspended but the USB bus\nis still active which caused the USB host continues to transfer data with\ndevice and the device continues to queue USB requests (in this case, a\ndelayed TCP ACK packet trigger the issue) after controller is suspended,\nhowever the USB controller clock is already gated off. Then if udc driver\naccess registers after that point, the system will hang.\n\nThe correct way to avoid such issue is to disconnect device from host when\nthe USB bus is not at suspend state. Then the host will receive disconnect\nevent and stop data transfer in time. To continue make USB gadget device\nwork after system resume, this will reconnect device automatically.\n\nTo make usb wakeup work if USB bus is already at suspend state, this will\nkeep connection for it only when USB device controller has enabled wakeup\ncapability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38376",
"url": "https://www.suse.com/security/cve/CVE-2025-38376"
},
{
"category": "external",
"summary": "SUSE Bug 1247176 for CVE-2025-38376",
"url": "https://bugzilla.suse.com/1247176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38376"
},
{
"cve": "CVE-2025-38377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38377"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrose: fix dangling neighbour pointers in rose_rt_device_down()\n\nThere are two bugs in rose_rt_device_down() that can cause\nuse-after-free:\n\n1. The loop bound `t-\u003ecount` is modified within the loop, which can\n cause the loop to terminate early and miss some entries.\n\n2. When removing an entry from the neighbour array, the subsequent entries\n are moved up to fill the gap, but the loop index `i` is still\n incremented, causing the next entry to be skipped.\n\nFor example, if a node has three neighbours (A, A, B) with count=3 and A\nis being removed, the second A is not checked.\n\n i=0: (A, A, B) -\u003e (A, B) with count=2\n ^ checked\n i=1: (A, B) -\u003e (A, B) with count=2\n ^ checked (B, not A!)\n i=2: (doesn\u0027t occur because i \u003c count is false)\n\nThis leaves the second A in the array with count=2, but the rose_neigh\nstructure has been freed. Code that accesses these entries assumes that\nthe first `count` entries are valid pointers, causing a use-after-free\nwhen it accesses the dangling pointer.\n\nFix both issues by iterating over the array in reverse order with a fixed\nloop bound. This ensures that all entries are examined and that the removal\nof an entry doesn\u0027t affect subsequent iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38377",
"url": "https://www.suse.com/security/cve/CVE-2025-38377"
},
{
"category": "external",
"summary": "SUSE Bug 1247174 for CVE-2025-38377",
"url": "https://bugzilla.suse.com/1247174"
},
{
"category": "external",
"summary": "SUSE Bug 1247175 for CVE-2025-38377",
"url": "https://bugzilla.suse.com/1247175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38377"
},
{
"cve": "CVE-2025-38380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38380"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38380",
"url": "https://www.suse.com/security/cve/CVE-2025-38380"
},
{
"category": "external",
"summary": "SUSE Bug 1247028 for CVE-2025-38380",
"url": "https://bugzilla.suse.com/1247028"
},
{
"category": "external",
"summary": "SUSE Bug 1247029 for CVE-2025-38380",
"url": "https://bugzilla.suse.com/1247029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38380"
},
{
"cve": "CVE-2025-38382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38382"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix iteration of extrefs during log replay\n\nAt __inode_add_ref() when processing extrefs, if we jump into the next\nlabel we have an undefined value of victim_name.len, since we haven\u0027t\ninitialized it before we did the goto. This results in an invalid memory\naccess in the next iteration of the loop since victim_name.len was not\ninitialized to the length of the name of the current extref.\n\nFix this by initializing victim_name.len with the current extref\u0027s name\nlength.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38382",
"url": "https://www.suse.com/security/cve/CVE-2025-38382"
},
{
"category": "external",
"summary": "SUSE Bug 1247031 for CVE-2025-38382",
"url": "https://bugzilla.suse.com/1247031"
},
{
"category": "external",
"summary": "SUSE Bug 1247032 for CVE-2025-38382",
"url": "https://bugzilla.suse.com/1247032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38382"
},
{
"cve": "CVE-2025-38384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38384"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: spinand: fix memory leak of ECC engine conf\n\nMemory allocated for the ECC engine conf is not released during spinand\ncleanup. Below kmemleak trace is seen for this memory leak:\n\nunreferenced object 0xffffff80064f00e0 (size 8):\n comm \"swapper/0\", pid 1, jiffies 4294937458\n hex dump (first 8 bytes):\n 00 00 00 00 00 00 00 00 ........\n backtrace (crc 0):\n kmemleak_alloc+0x30/0x40\n __kmalloc_cache_noprof+0x208/0x3c0\n spinand_ondie_ecc_init_ctx+0x114/0x200\n nand_ecc_init_ctx+0x70/0xa8\n nanddev_ecc_engine_init+0xec/0x27c\n spinand_probe+0xa2c/0x1620\n spi_mem_probe+0x130/0x21c\n spi_probe+0xf0/0x170\n really_probe+0x17c/0x6e8\n __driver_probe_device+0x17c/0x21c\n driver_probe_device+0x58/0x180\n __device_attach_driver+0x15c/0x1f8\n bus_for_each_drv+0xec/0x150\n __device_attach+0x188/0x24c\n device_initial_probe+0x10/0x20\n bus_probe_device+0x11c/0x160\n\nFix the leak by calling nanddev_ecc_engine_cleanup() inside\nspinand_cleanup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38384",
"url": "https://www.suse.com/security/cve/CVE-2025-38384"
},
{
"category": "external",
"summary": "SUSE Bug 1247035 for CVE-2025-38384",
"url": "https://bugzilla.suse.com/1247035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-38384"
},
{
"cve": "CVE-2025-38385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38385"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect\n\nRemove redundant netif_napi_del() call from disconnect path.\n\nA WARN may be triggered in __netif_napi_del_locked() during USB device\ndisconnect:\n\n WARNING: CPU: 0 PID: 11 at net/core/dev.c:7417 __netif_napi_del_locked+0x2b4/0x350\n\nThis happens because netif_napi_del() is called in the disconnect path while\nNAPI is still enabled. However, it is not necessary to call netif_napi_del()\nexplicitly, since unregister_netdev() will handle NAPI teardown automatically\nand safely. Removing the redundant call avoids triggering the warning.\n\nFull trace:\n lan78xx 1-1:1.0 enu1: Failed to read register index 0x000000c4. ret = -ENODEV\n lan78xx 1-1:1.0 enu1: Failed to set MAC down with error -ENODEV\n lan78xx 1-1:1.0 enu1: Link is Down\n lan78xx 1-1:1.0 enu1: Failed to read register index 0x00000120. ret = -ENODEV\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 11 at net/core/dev.c:7417 __netif_napi_del_locked+0x2b4/0x350\n Modules linked in: flexcan can_dev fuse\n CPU: 0 UID: 0 PID: 11 Comm: kworker/0:1 Not tainted 6.16.0-rc2-00624-ge926949dab03 #9 PREEMPT\n Hardware name: SKOV IMX8MP CPU revC - bd500 (DT)\n Workqueue: usb_hub_wq hub_event\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __netif_napi_del_locked+0x2b4/0x350\n lr : __netif_napi_del_locked+0x7c/0x350\n sp : ffffffc085b673c0\n x29: ffffffc085b673c0 x28: ffffff800b7f2000 x27: ffffff800b7f20d8\n x26: ffffff80110bcf58 x25: ffffff80110bd978 x24: 1ffffff0022179eb\n x23: ffffff80110bc000 x22: ffffff800b7f5000 x21: ffffff80110bc000\n x20: ffffff80110bcf38 x19: ffffff80110bcf28 x18: dfffffc000000000\n x17: ffffffc081578940 x16: ffffffc08284cee0 x15: 0000000000000028\n x14: 0000000000000006 x13: 0000000000040000 x12: ffffffb0022179e8\n x11: 1ffffff0022179e7 x10: ffffffb0022179e7 x9 : dfffffc000000000\n x8 : 0000004ffdde8619 x7 : ffffff80110bcf3f x6 : 0000000000000001\n x5 : ffffff80110bcf38 x4 : ffffff80110bcf38 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 1ffffff0022179e7 x0 : 0000000000000000\n Call trace:\n __netif_napi_del_locked+0x2b4/0x350 (P)\n lan78xx_disconnect+0xf4/0x360\n usb_unbind_interface+0x158/0x718\n device_remove+0x100/0x150\n device_release_driver_internal+0x308/0x478\n device_release_driver+0x1c/0x30\n bus_remove_device+0x1a8/0x368\n device_del+0x2e0/0x7b0\n usb_disable_device+0x244/0x540\n usb_disconnect+0x220/0x758\n hub_event+0x105c/0x35e0\n process_one_work+0x760/0x17b0\n worker_thread+0x768/0xce8\n kthread+0x3bc/0x690\n ret_from_fork+0x10/0x20\n irq event stamp: 211604\n hardirqs last enabled at (211603): [\u003cffffffc0828cc9ec\u003e] _raw_spin_unlock_irqrestore+0x84/0x98\n hardirqs last disabled at (211604): [\u003cffffffc0828a9a84\u003e] el1_dbg+0x24/0x80\n softirqs last enabled at (211296): [\u003cffffffc080095f10\u003e] handle_softirqs+0x820/0xbc8\n softirqs last disabled at (210993): [\u003cffffffc080010288\u003e] __do_softirq+0x18/0x20\n ---[ end trace 0000000000000000 ]---\n lan78xx 1-1:1.0 enu1: failed to kill vid 0081/0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38385",
"url": "https://www.suse.com/security/cve/CVE-2025-38385"
},
{
"category": "external",
"summary": "SUSE Bug 1247149 for CVE-2025-38385",
"url": "https://bugzilla.suse.com/1247149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-38385"
},
{
"cve": "CVE-2025-38386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38386"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Refuse to evaluate a method if arguments are missing\n\nAs reported in [1], a platform firmware update that increased the number\nof method parameters and forgot to update a least one of its callers,\ncaused ACPICA to crash due to use-after-free.\n\nSince this a result of a clear AML issue that arguably cannot be fixed\nup by the interpreter (it cannot produce missing data out of thin air),\naddress it by making ACPICA refuse to evaluate a method if the caller\nattempts to pass fewer arguments than expected to it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38386",
"url": "https://www.suse.com/security/cve/CVE-2025-38386"
},
{
"category": "external",
"summary": "SUSE Bug 1247138 for CVE-2025-38386",
"url": "https://bugzilla.suse.com/1247138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38386"
},
{
"cve": "CVE-2025-38387",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38387"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Initialize obj_event-\u003eobj_sub_list before xa_insert\n\nThe obj_event may be loaded immediately after inserted, then if the\nlist_head is not initialized then we may get a poisonous pointer. This\nfixes the crash below:\n\n mlx5_core 0000:03:00.0: MLX5E: StrdRq(1) RqSz(8) StrdSz(2048) RxCqeCmprss(0 enhanced)\n mlx5_core.sf mlx5_core.sf.4: firmware version: 32.38.3056\n mlx5_core 0000:03:00.0 en3f0pf0sf2002: renamed from eth0\n mlx5_core.sf mlx5_core.sf.4: Rate limit: 127 rates are supported, range: 0Mbps to 195312Mbps\n IPv6: ADDRCONF(NETDEV_CHANGE): en3f0pf0sf2002: link becomes ready\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000060\n Mem abort info:\n ESR = 0x96000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n Data abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000007760fb000\n [0000000000000060] pgd=000000076f6d7003, p4d=000000076f6d7003, pud=0000000777841003, pmd=0000000000000000\n Internal error: Oops: 96000006 [#1] SMP\n Modules linked in: ipmb_host(OE) act_mirred(E) cls_flower(E) sch_ingress(E) mptcp_diag(E) udp_diag(E) raw_diag(E) unix_diag(E) tcp_diag(E) inet_diag(E) binfmt_misc(E) bonding(OE) rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) isofs(E) cdrom(E) mst_pciconf(OE) ib_umad(OE) mlx5_ib(OE) ipmb_dev_int(OE) mlx5_core(OE) kpatch_15237886(OEK) mlxdevm(OE) auxiliary(OE) ib_uverbs(OE) ib_core(OE) psample(E) mlxfw(OE) tls(E) sunrpc(E) vfat(E) fat(E) crct10dif_ce(E) ghash_ce(E) sha1_ce(E) sbsa_gwdt(E) virtio_console(E) ext4(E) mbcache(E) jbd2(E) xfs(E) libcrc32c(E) mmc_block(E) virtio_net(E) net_failover(E) failover(E) sha2_ce(E) sha256_arm64(E) nvme(OE) nvme_core(OE) gpio_mlxbf3(OE) mlx_compat(OE) mlxbf_pmc(OE) i2c_mlxbf(OE) sdhci_of_dwcmshc(OE) pinctrl_mlxbf3(OE) mlxbf_pka(OE) gpio_generic(E) i2c_core(E) mmc_core(E) mlxbf_gige(OE) vitesse(E) pwr_mlxbf(OE) mlxbf_tmfifo(OE) micrel(E) mlxbf_bootctl(OE) virtio_ring(E) virtio(E) ipmi_devintf(E) ipmi_msghandler(E)\n [last unloaded: mst_pci]\n CPU: 11 PID: 20913 Comm: rte-worker-11 Kdump: loaded Tainted: G OE K 5.10.134-13.1.an8.aarch64 #1\n Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.2.2.12968 Oct 26 2023\n pstate: a0400089 (NzCv daIf +PAN -UAO -TCO BTYPE=--)\n pc : dispatch_event_fd+0x68/0x300 [mlx5_ib]\n lr : devx_event_notifier+0xcc/0x228 [mlx5_ib]\n sp : ffff80001005bcf0\n x29: ffff80001005bcf0 x28: 0000000000000001\n x27: ffff244e0740a1d8 x26: ffff244e0740a1d0\n x25: ffffda56beff5ae0 x24: ffffda56bf911618\n x23: ffff244e0596a480 x22: ffff244e0596a480\n x21: ffff244d8312ad90 x20: ffff244e0596a480\n x19: fffffffffffffff0 x18: 0000000000000000\n x17: 0000000000000000 x16: ffffda56be66d620\n x15: 0000000000000000 x14: 0000000000000000\n x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000040 x10: ffffda56bfcafb50\n x9 : ffffda5655c25f2c x8 : 0000000000000010\n x7 : 0000000000000000 x6 : ffff24545a2e24b8\n x5 : 0000000000000003 x4 : ffff80001005bd28\n x3 : 0000000000000000 x2 : 0000000000000000\n x1 : ffff244e0596a480 x0 : ffff244d8312ad90\n Call trace:\n dispatch_event_fd+0x68/0x300 [mlx5_ib]\n devx_event_notifier+0xcc/0x228 [mlx5_ib]\n atomic_notifier_call_chain+0x58/0x80\n mlx5_eq_async_int+0x148/0x2b0 [mlx5_core]\n atomic_notifier_call_chain+0x58/0x80\n irq_int_handler+0x20/0x30 [mlx5_core]\n __handle_irq_event_percpu+0x60/0x220\n handle_irq_event_percpu+0x3c/0x90\n handle_irq_event+0x58/0x158\n handle_fasteoi_irq+0xfc/0x188\n generic_handle_irq+0x34/0x48\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38387",
"url": "https://www.suse.com/security/cve/CVE-2025-38387"
},
{
"category": "external",
"summary": "SUSE Bug 1247154 for CVE-2025-38387",
"url": "https://bugzilla.suse.com/1247154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38387"
},
{
"cve": "CVE-2025-38389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38389"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Fix timeline left held on VMA alloc error\n\nThe following error has been reported sporadically by CI when a test\nunbinds the i915 driver on a ring submission platform:\n\n\u003c4\u003e [239.330153] ------------[ cut here ]------------\n\u003c4\u003e [239.330166] i915 0000:00:02.0: [drm] drm_WARN_ON(dev_priv-\u003emm.shrink_count)\n\u003c4\u003e [239.330196] WARNING: CPU: 1 PID: 18570 at drivers/gpu/drm/i915/i915_gem.c:1309 i915_gem_cleanup_early+0x13e/0x150 [i915]\n...\n\u003c4\u003e [239.330640] RIP: 0010:i915_gem_cleanup_early+0x13e/0x150 [i915]\n...\n\u003c4\u003e [239.330942] Call Trace:\n\u003c4\u003e [239.330944] \u003cTASK\u003e\n\u003c4\u003e [239.330949] i915_driver_late_release+0x2b/0xa0 [i915]\n\u003c4\u003e [239.331202] i915_driver_release+0x86/0xa0 [i915]\n\u003c4\u003e [239.331482] devm_drm_dev_init_release+0x61/0x90\n\u003c4\u003e [239.331494] devm_action_release+0x15/0x30\n\u003c4\u003e [239.331504] release_nodes+0x3d/0x120\n\u003c4\u003e [239.331517] devres_release_all+0x96/0xd0\n\u003c4\u003e [239.331533] device_unbind_cleanup+0x12/0x80\n\u003c4\u003e [239.331543] device_release_driver_internal+0x23a/0x280\n\u003c4\u003e [239.331550] ? bus_find_device+0xa5/0xe0\n\u003c4\u003e [239.331563] device_driver_detach+0x14/0x20\n...\n\u003c4\u003e [357.719679] ---[ end trace 0000000000000000 ]---\n\nIf the test also unloads the i915 module then that\u0027s followed with:\n\n\u003c3\u003e [357.787478] =============================================================================\n\u003c3\u003e [357.788006] BUG i915_vma (Tainted: G U W N ): Objects remaining on __kmem_cache_shutdown()\n\u003c3\u003e [357.788031] -----------------------------------------------------------------------------\n\u003c3\u003e [357.788204] Object 0xffff888109e7f480 @offset=29824\n\u003c3\u003e [357.788670] Allocated in i915_vma_instance+0xee/0xc10 [i915] age=292729 cpu=4 pid=2244\n\u003c4\u003e [357.788994] i915_vma_instance+0xee/0xc10 [i915]\n\u003c4\u003e [357.789290] init_status_page+0x7b/0x420 [i915]\n\u003c4\u003e [357.789532] intel_engines_init+0x1d8/0x980 [i915]\n\u003c4\u003e [357.789772] intel_gt_init+0x175/0x450 [i915]\n\u003c4\u003e [357.790014] i915_gem_init+0x113/0x340 [i915]\n\u003c4\u003e [357.790281] i915_driver_probe+0x847/0xed0 [i915]\n\u003c4\u003e [357.790504] i915_pci_probe+0xe6/0x220 [i915]\n...\n\nCloser analysis of CI results history has revealed a dependency of the\nerror on a few IGT tests, namely:\n- igt@api_intel_allocator@fork-simple-stress-signal,\n- igt@api_intel_allocator@two-level-inception-interruptible,\n- igt@gem_linear_blits@interruptible,\n- igt@prime_mmap_coherency@ioctl-errors,\nwhich invisibly trigger the issue, then exhibited with first driver unbind\nattempt.\n\nAll of the above tests perform actions which are actively interrupted with\nsignals. Further debugging has allowed to narrow that scope down to\nDRM_IOCTL_I915_GEM_EXECBUFFER2, and ring_context_alloc(), specific to ring\nsubmission, in particular.\n\nIf successful then that function, or its execlists or GuC submission\nequivalent, is supposed to be called only once per GEM context engine,\nfollowed by raise of a flag that prevents the function from being called\nagain. The function is expected to unwind its internal errors itself, so\nit may be safely called once more after it returns an error.\n\nIn case of ring submission, the function first gets a reference to the\nengine\u0027s legacy timeline and then allocates a VMA. If the VMA allocation\nfails, e.g. when i915_vma_instance() called from inside is interrupted\nwith a signal, then ring_context_alloc() fails, leaving the timeline held\nreferenced. On next I915_GEM_EXECBUFFER2 IOCTL, another reference to the\ntimeline is got, and only that last one is put on successful completion.\nAs a consequence, the legacy timeline, with its underlying engine status\npage\u0027s VMA object, is still held and not released on driver unbind.\n\nGet the legacy timeline only after successful allocation of the context\nengine\u0027s VMA.\n\nv2: Add a note on other submission methods (Krzysztof Karas):\n Both execlists and GuC submission use lrc_alloc() which seems free\n from a similar issue.\n\n(cherry picked from commit cc43422b3cc79eacff4c5a8ba0d224688ca9dd4f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38389",
"url": "https://www.suse.com/security/cve/CVE-2025-38389"
},
{
"category": "external",
"summary": "SUSE Bug 1247153 for CVE-2025-38389",
"url": "https://bugzilla.suse.com/1247153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38389"
},
{
"cve": "CVE-2025-38391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmodes/displayport: do not index invalid pin_assignments\n\nA poorly implemented DisplayPort Alt Mode port partner can indicate\nthat its pin assignment capabilities are greater than the maximum\nvalue, DP_PIN_ASSIGN_F. In this case, calls to pin_assignment_show\nwill cause a BRK exception due to an out of bounds array access.\n\nPrevent for loop in pin_assignment_show from accessing\ninvalid values in pin_assignments by adding DP_PIN_ASSIGN_MAX\nvalue in typec_dp.h and using i \u003c DP_PIN_ASSIGN_MAX as a loop\ncondition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38391",
"url": "https://www.suse.com/security/cve/CVE-2025-38391"
},
{
"category": "external",
"summary": "SUSE Bug 1247181 for CVE-2025-38391",
"url": "https://bugzilla.suse.com/1247181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38391"
},
{
"cve": "CVE-2025-38392",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38392"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert control queue mutex to a spinlock\n\nWith VIRTCHNL2_CAP_MACFILTER enabled, the following warning is generated\non module load:\n\n[ 324.701677] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578\n[ 324.701684] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1582, name: NetworkManager\n[ 324.701689] preempt_count: 201, expected: 0\n[ 324.701693] RCU nest depth: 0, expected: 0\n[ 324.701697] 2 locks held by NetworkManager/1582:\n[ 324.701702] #0: ffffffff9f7be770 (rtnl_mutex){....}-{3:3}, at: rtnl_newlink+0x791/0x21e0\n[ 324.701730] #1: ff1100216c380368 (_xmit_ETHER){....}-{2:2}, at: __dev_open+0x3f0/0x870\n[ 324.701749] Preemption disabled at:\n[ 324.701752] [\u003cffffffff9cd23b9d\u003e] __dev_open+0x3dd/0x870\n[ 324.701765] CPU: 30 UID: 0 PID: 1582 Comm: NetworkManager Not tainted 6.15.0-rc5+ #2 PREEMPT(voluntary)\n[ 324.701771] Hardware name: Intel Corporation M50FCP2SBSTD/M50FCP2SBSTD, BIOS SE5C741.86B.01.01.0001.2211140926 11/14/2022\n[ 324.701774] Call Trace:\n[ 324.701777] \u003cTASK\u003e\n[ 324.701779] dump_stack_lvl+0x5d/0x80\n[ 324.701788] ? __dev_open+0x3dd/0x870\n[ 324.701793] __might_resched.cold+0x1ef/0x23d\n\u003c..\u003e\n[ 324.701818] __mutex_lock+0x113/0x1b80\n\u003c..\u003e\n[ 324.701917] idpf_ctlq_clean_sq+0xad/0x4b0 [idpf]\n[ 324.701935] ? kasan_save_track+0x14/0x30\n[ 324.701941] idpf_mb_clean+0x143/0x380 [idpf]\n\u003c..\u003e\n[ 324.701991] idpf_send_mb_msg+0x111/0x720 [idpf]\n[ 324.702009] idpf_vc_xn_exec+0x4cc/0x990 [idpf]\n[ 324.702021] ? rcu_is_watching+0x12/0xc0\n[ 324.702035] idpf_add_del_mac_filters+0x3ed/0xb50 [idpf]\n\u003c..\u003e\n[ 324.702122] __hw_addr_sync_dev+0x1cf/0x300\n[ 324.702126] ? find_held_lock+0x32/0x90\n[ 324.702134] idpf_set_rx_mode+0x317/0x390 [idpf]\n[ 324.702152] __dev_open+0x3f8/0x870\n[ 324.702159] ? __pfx___dev_open+0x10/0x10\n[ 324.702174] __dev_change_flags+0x443/0x650\n\u003c..\u003e\n[ 324.702208] netif_change_flags+0x80/0x160\n[ 324.702218] do_setlink.isra.0+0x16a0/0x3960\n\u003c..\u003e\n[ 324.702349] rtnl_newlink+0x12fd/0x21e0\n\nThe sequence is as follows:\n\trtnl_newlink()-\u003e\n\t__dev_change_flags()-\u003e\n\t__dev_open()-\u003e\n\tdev_set_rx_mode() - \u003e # disables BH and grabs \"dev-\u003eaddr_list_lock\"\n\tidpf_set_rx_mode() -\u003e # proceed only if VIRTCHNL2_CAP_MACFILTER is ON\n\t__dev_uc_sync() -\u003e\n\tidpf_add_mac_filter -\u003e\n\tidpf_add_del_mac_filters -\u003e\n\tidpf_send_mb_msg() -\u003e\n\tidpf_mb_clean() -\u003e\n\tidpf_ctlq_clean_sq() # mutex_lock(cq_lock)\n\nFix by converting cq_lock to a spinlock. All operations under the new\nlock are safe except freeing the DMA memory, which may use vunmap(). Fix\nby requesting a contiguous physical memory for the DMA mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38392",
"url": "https://www.suse.com/security/cve/CVE-2025-38392"
},
{
"category": "external",
"summary": "SUSE Bug 1247169 for CVE-2025-38392",
"url": "https://bugzilla.suse.com/1247169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38392"
},
{
"cve": "CVE-2025-38393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN\n\nWe found a few different systems hung up in writeback waiting on the same\npage lock, and one task waiting on the NFS_LAYOUT_DRAIN bit in\npnfs_update_layout(), however the pnfs_layout_hdr\u0027s plh_outstanding count\nwas zero.\n\nIt seems most likely that this is another race between the waiter and waker\nsimilar to commit ed0172af5d6f (\"SUNRPC: Fix a race to wake a sync task\").\nFix it up by applying the advised barrier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38393",
"url": "https://www.suse.com/security/cve/CVE-2025-38393"
},
{
"category": "external",
"summary": "SUSE Bug 1247170 for CVE-2025-38393",
"url": "https://bugzilla.suse.com/1247170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38393"
},
{
"cve": "CVE-2025-38395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38395"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: gpio: Fix the out-of-bounds access to drvdata::gpiods\n\ndrvdata::gpiods is supposed to hold an array of \u0027gpio_desc\u0027 pointers. But\nthe memory is allocated for only one pointer. This will lead to\nout-of-bounds access later in the code if \u0027config::ngpios\u0027 is \u003e 1. So\nfix the code to allocate enough memory to hold \u0027config::ngpios\u0027 of GPIO\ndescriptors.\n\nWhile at it, also move the check for memory allocation failure to be below\nthe allocation to make it more readable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38395",
"url": "https://www.suse.com/security/cve/CVE-2025-38395"
},
{
"category": "external",
"summary": "SUSE Bug 1247171 for CVE-2025-38395",
"url": "https://bugzilla.suse.com/1247171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38395"
},
{
"cve": "CVE-2025-38396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass\n\nExport anon_inode_make_secure_inode() to allow KVM guest_memfd to create\nanonymous inodes with proper security context. This replaces the current\npattern of calling alloc_anon_inode() followed by\ninode_init_security_anon() for creating security context manually.\n\nThis change also fixes a security regression in secretmem where the\nS_PRIVATE flag was not cleared after alloc_anon_inode(), causing\nLSM/SELinux checks to be bypassed for secretmem file descriptors.\n\nAs guest_memfd currently resides in the KVM module, we need to export this\nsymbol for use outside the core kernel. In the future, guest_memfd might be\nmoved to core-mm, at which point the symbols no longer would have to be\nexported. When/if that happens is still unclear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38396",
"url": "https://www.suse.com/security/cve/CVE-2025-38396"
},
{
"category": "external",
"summary": "SUSE Bug 1247156 for CVE-2025-38396",
"url": "https://bugzilla.suse.com/1247156"
},
{
"category": "external",
"summary": "SUSE Bug 1247158 for CVE-2025-38396",
"url": "https://bugzilla.suse.com/1247158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38396"
},
{
"cve": "CVE-2025-38399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()\n\nThe function core_scsi3_decode_spec_i_port(), in its error code path,\nunconditionally calls core_scsi3_lunacl_undepend_item() passing the\ndest_se_deve pointer, which may be NULL.\n\nThis can lead to a NULL pointer dereference if dest_se_deve remains\nunset.\n\nSPC-3 PR SPEC_I_PT: Unable to locate dest_tpg\nUnable to handle kernel paging request at virtual address dfff800000000012\nCall trace:\n core_scsi3_lunacl_undepend_item+0x2c/0xf0 [target_core_mod] (P)\n core_scsi3_decode_spec_i_port+0x120c/0x1c30 [target_core_mod]\n core_scsi3_emulate_pro_register+0x6b8/0xcd8 [target_core_mod]\n target_scsi3_emulate_pr_out+0x56c/0x840 [target_core_mod]\n\nFix this by adding a NULL check before calling\ncore_scsi3_lunacl_undepend_item()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38399",
"url": "https://www.suse.com/security/cve/CVE-2025-38399"
},
{
"category": "external",
"summary": "SUSE Bug 1247097 for CVE-2025-38399",
"url": "https://bugzilla.suse.com/1247097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38399"
},
{
"cve": "CVE-2025-38400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.\n\nsyzbot reported a warning below [1] following a fault injection in\nnfs_fs_proc_net_init(). [0]\n\nWhen nfs_fs_proc_net_init() fails, /proc/net/rpc/nfs is not removed.\n\nLater, rpc_proc_exit() tries to remove /proc/net/rpc, and the warning\nis logged as the directory is not empty.\n\nLet\u0027s handle the error of nfs_fs_proc_net_init() properly.\n\n[0]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:123)\n should_fail_ex (lib/fault-inject.c:73 lib/fault-inject.c:174)\n should_failslab (mm/failslab.c:46)\n kmem_cache_alloc_noprof (mm/slub.c:4178 mm/slub.c:4204)\n __proc_create (fs/proc/generic.c:427)\n proc_create_reg (fs/proc/generic.c:554)\n proc_create_net_data (fs/proc/proc_net.c:120)\n nfs_fs_proc_net_init (fs/nfs/client.c:1409)\n nfs_net_init (fs/nfs/inode.c:2600)\n ops_init (net/core/net_namespace.c:138)\n setup_net (net/core/net_namespace.c:443)\n copy_net_ns (net/core/net_namespace.c:576)\n create_new_namespaces (kernel/nsproxy.c:110)\n unshare_nsproxy_namespaces (kernel/nsproxy.c:218 (discriminator 4))\n ksys_unshare (kernel/fork.c:3123)\n __x64_sys_unshare (kernel/fork.c:3190)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n\n[1]:\nremove_proc_entry: removing non-empty directory \u0027net/rpc\u0027, leaking at least \u0027nfs\u0027\n WARNING: CPU: 1 PID: 6120 at fs/proc/generic.c:727 remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\nModules linked in:\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n RIP: 0010:remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\nCode: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 40 ba a2 8b 48 c7 c7 60 b9 a2 8b e8 33 81 1d ff 90 \u003c0f\u003e 0b 90 90 e9 5f fe ff ff e8 04 69 5e ff 90 48 b8 00 00 00 00 00\nRSP: 0018:ffffc90003637b08 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff88805f534140 RCX: ffffffff817a92c8\nRDX: ffff88807da99e00 RSI: ffffffff817a92d5 RDI: 0000000000000001\nRBP: ffff888033431ac0 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000001 R12: ffff888033431a00\nR13: ffff888033431ae4 R14: ffff888033184724 R15: dffffc0000000000\nFS: 0000555580328500(0000) GS:ffff888124a62000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f71733743e0 CR3: 000000007f618000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n sunrpc_exit_net+0x46/0x90 net/sunrpc/sunrpc_syms.c:76\n ops_exit_list net/core/net_namespace.c:200 [inline]\n ops_undo_list+0x2eb/0xab0 net/core/net_namespace.c:253\n setup_net+0x2e1/0x510 net/core/net_namespace.c:457\n copy_net_ns+0x2a6/0x5f0 net/core/net_namespace.c:574\n create_new_namespaces+0x3ea/0xa90 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0xc0/0x1f0 kernel/nsproxy.c:218\n ksys_unshare+0x45b/0xa40 kernel/fork.c:3121\n __do_sys_unshare kernel/fork.c:3192 [inline]\n __se_sys_unshare kernel/fork.c:3190 [inline]\n __x64_sys_unshare+0x31/0x40 kernel/fork.c:3190\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x490 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fa1a6b8e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38400",
"url": "https://www.suse.com/security/cve/CVE-2025-38400"
},
{
"category": "external",
"summary": "SUSE Bug 1247123 for CVE-2025-38400",
"url": "https://bugzilla.suse.com/1247123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38400"
},
{
"cve": "CVE-2025-38401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtk-sd: Prevent memory corruption from DMA map failure\n\nIf msdc_prepare_data() fails to map the DMA region, the request is\nnot prepared for data receiving, but msdc_start_data() proceeds\nthe DMA with previous setting.\nSince this will lead a memory corruption, we have to stop the\nrequest operation soon after the msdc_prepare_data() fails to\nprepare it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38401",
"url": "https://www.suse.com/security/cve/CVE-2025-38401"
},
{
"category": "external",
"summary": "SUSE Bug 1247125 for CVE-2025-38401",
"url": "https://bugzilla.suse.com/1247125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38401"
},
{
"cve": "CVE-2025-38403",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38403"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/vmci: Clear the vmci transport packet properly when initializing it\n\nIn vmci_transport_packet_init memset the vmci_transport_packet before\npopulating the fields to avoid any uninitialised data being left in the\nstructure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38403",
"url": "https://www.suse.com/security/cve/CVE-2025-38403"
},
{
"category": "external",
"summary": "SUSE Bug 1247141 for CVE-2025-38403",
"url": "https://bugzilla.suse.com/1247141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38403"
},
{
"cve": "CVE-2025-38404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: displayport: Fix potential deadlock\n\nThe deadlock can occur due to a recursive lock acquisition of\n`cros_typec_altmode_data::mutex`.\nThe call chain is as follows:\n1. cros_typec_altmode_work() acquires the mutex\n2. typec_altmode_vdm() -\u003e dp_altmode_vdm() -\u003e\n3. typec_altmode_exit() -\u003e cros_typec_altmode_exit()\n4. cros_typec_altmode_exit() attempts to acquire the mutex again\n\nTo prevent this, defer the `typec_altmode_exit()` call by scheduling\nit rather than calling it directly from within the mutex-protected\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38404",
"url": "https://www.suse.com/security/cve/CVE-2025-38404"
},
{
"category": "external",
"summary": "SUSE Bug 1247271 for CVE-2025-38404",
"url": "https://bugzilla.suse.com/1247271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38404"
},
{
"cve": "CVE-2025-38406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath6kl: remove WARN on bad firmware input\n\nIf the firmware gives bad input, that\u0027s nothing to do with\nthe driver\u0027s stack at this point etc., so the WARN_ON()\ndoesn\u0027t add any value. Additionally, this is one of the\ntop syzbot reports now. Just print a message, and as an\nadded bonus, print the sizes too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38406",
"url": "https://www.suse.com/security/cve/CVE-2025-38406"
},
{
"category": "external",
"summary": "SUSE Bug 1247210 for CVE-2025-38406",
"url": "https://bugzilla.suse.com/1247210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38406"
},
{
"cve": "CVE-2025-38409",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38409"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix another leak in the submit error path\n\nput_unused_fd() doesn\u0027t free the installed file, if we\u0027ve already done\nfd_install(). So we need to also free the sync_file.\n\nPatchwork: https://patchwork.freedesktop.org/patch/653583/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38409",
"url": "https://www.suse.com/security/cve/CVE-2025-38409"
},
{
"category": "external",
"summary": "SUSE Bug 1247285 for CVE-2025-38409",
"url": "https://bugzilla.suse.com/1247285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-38409"
},
{
"cve": "CVE-2025-38410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix a fence leak in submit error path\n\nIn error paths, we could unref the submit without calling\ndrm_sched_entity_push_job(), so msm_job_free() will never get\ncalled. Since drm_sched_job_cleanup() will NULL out the\ns_fence, we can use that to detect this case.\n\nPatchwork: https://patchwork.freedesktop.org/patch/653584/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38410",
"url": "https://www.suse.com/security/cve/CVE-2025-38410"
},
{
"category": "external",
"summary": "SUSE Bug 1247128 for CVE-2025-38410",
"url": "https://bugzilla.suse.com/1247128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38410"
},
{
"cve": "CVE-2025-38412",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38412"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks\n\nAfter retrieving WMI data blocks in sysfs callbacks, check for the\nvalidity of them before dereferencing their content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38412",
"url": "https://www.suse.com/security/cve/CVE-2025-38412"
},
{
"category": "external",
"summary": "SUSE Bug 1247132 for CVE-2025-38412",
"url": "https://bugzilla.suse.com/1247132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38412"
},
{
"cve": "CVE-2025-38414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850\n\nGCC_GCC_PCIE_HOT_RST is wrongly defined for WCN7850, causing kernel crash\non some specific platforms.\n\nSince this register is divergent for WCN7850 and QCN9274, move it to\nregister table to allow different definitions. Then correct the register\naddress for WCN7850 to fix this issue.\n\nNote IPQ5332 is not affected as it is not PCIe based device.\n\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38414",
"url": "https://www.suse.com/security/cve/CVE-2025-38414"
},
{
"category": "external",
"summary": "SUSE Bug 1247145 for CVE-2025-38414",
"url": "https://bugzilla.suse.com/1247145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38414"
},
{
"cve": "CVE-2025-38415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check return result of sb_min_blocksize\n\nSyzkaller reports an \"UBSAN: shift-out-of-bounds in squashfs_bio_read\" bug.\n\nSyzkaller forks multiple processes which after mounting the Squashfs\nfilesystem, issues an ioctl(\"/dev/loop0\", LOOP_SET_BLOCK_SIZE, 0x8000). \nNow if this ioctl occurs at the same time another process is in the\nprocess of mounting a Squashfs filesystem on /dev/loop0, the failure\noccurs. When this happens the following code in squashfs_fill_super()\nfails.\n\n----\nmsblk-\u003edevblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE);\nmsblk-\u003edevblksize_log2 = ffz(~msblk-\u003edevblksize);\n----\n\nsb_min_blocksize() returns 0, which means msblk-\u003edevblksize is set to 0.\n\nAs a result, ffz(~msblk-\u003edevblksize) returns 64, and msblk-\u003edevblksize_log2\nis set to 64.\n\nThis subsequently causes the\n\nUBSAN: shift-out-of-bounds in fs/squashfs/block.c:195:36\nshift exponent 64 is too large for 64-bit type \u0027u64\u0027 (aka\n\u0027unsigned long long\u0027)\n\nThis commit adds a check for a 0 return by sb_min_blocksize().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38415",
"url": "https://www.suse.com/security/cve/CVE-2025-38415"
},
{
"category": "external",
"summary": "SUSE Bug 1247147 for CVE-2025-38415",
"url": "https://bugzilla.suse.com/1247147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38415"
},
{
"cve": "CVE-2025-38416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: uart: Set tty-\u003edisc_data only in success path\n\nSetting tty-\u003edisc_data before opening the NCI device means we need to\nclean it up on error paths. This also opens some short window if device\nstarts sending data, even before NCIUARTSETDRIVER IOCTL succeeded\n(broken hardware?). Close the window by exposing tty-\u003edisc_data only on\nthe success path, when opening of the NCI device and try_module_get()\nsucceeds.\n\nThe code differs in error path in one aspect: tty-\u003edisc_data won\u0027t be\never assigned thus NULL-ified. This however should not be relevant\ndifference, because of \"tty-\u003edisc_data=NULL\" in nci_uart_tty_open().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38416",
"url": "https://www.suse.com/security/cve/CVE-2025-38416"
},
{
"category": "external",
"summary": "SUSE Bug 1247151 for CVE-2025-38416",
"url": "https://bugzilla.suse.com/1247151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38416"
},
{
"cve": "CVE-2025-38420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38420"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: do not ping device which has failed to load firmware\n\nSyzkaller reports [1, 2] crashes caused by an attempts to ping\nthe device which has failed to load firmware. Since such a device\ndoesn\u0027t pass \u0027ieee80211_register_hw()\u0027, an internal workqueue\nmanaged by \u0027ieee80211_queue_work()\u0027 is not yet created and an\nattempt to queue work on it causes null-ptr-deref.\n\n[1] https://syzkaller.appspot.com/bug?extid=9a4aec827829942045ff\n[2] https://syzkaller.appspot.com/bug?extid=0d8afba53e8fb2633217",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38420",
"url": "https://www.suse.com/security/cve/CVE-2025-38420"
},
{
"category": "external",
"summary": "SUSE Bug 1247279 for CVE-2025-38420",
"url": "https://bugzilla.suse.com/1247279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38420"
},
{
"cve": "CVE-2025-38424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38424"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix sample vs do_exit()\n\nBaisheng Gao reported an ARM64 crash, which Mark decoded as being a\nsynchronous external abort -- most likely due to trying to access\nMMIO in bad ways.\n\nThe crash further shows perf trying to do a user stack sample while in\nexit_mmap()\u0027s tlb_finish_mmu() -- i.e. while tearing down the address\nspace it is trying to access.\n\nIt turns out that we stop perf after we tear down the userspace mm; a\nreceipie for disaster, since perf likes to access userspace for\nvarious reasons.\n\nFlip this order by moving up where we stop perf in do_exit().\n\nAdditionally, harden PERF_SAMPLE_CALLCHAIN and PERF_SAMPLE_STACK_USER\nto abort when the current task does not have an mm (exit_mm() makes\nsure to set current-\u003emm = NULL; before commencing with the actual\nteardown). Such that CPU wide events don\u0027t trip on this same problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38424",
"url": "https://www.suse.com/security/cve/CVE-2025-38424"
},
{
"category": "external",
"summary": "SUSE Bug 1247293 for CVE-2025-38424",
"url": "https://bugzilla.suse.com/1247293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38424"
},
{
"cve": "CVE-2025-38425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38425"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: tegra: check msg length in SMBUS block read\n\nFor SMBUS block read, do not continue to read if the message length\npassed from the device is \u00270\u0027 or greater than the maximum allowed bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38425",
"url": "https://www.suse.com/security/cve/CVE-2025-38425"
},
{
"category": "external",
"summary": "SUSE Bug 1247251 for CVE-2025-38425",
"url": "https://bugzilla.suse.com/1247251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38425"
},
{
"cve": "CVE-2025-38426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38426"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Add basic validation for RAS header\n\nIf RAS header read from EEPROM is corrupted, it could result in trying\nto allocate huge memory for reading the records. Add some validation to\nheader fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38426",
"url": "https://www.suse.com/security/cve/CVE-2025-38426"
},
{
"category": "external",
"summary": "SUSE Bug 1247252 for CVE-2025-38426",
"url": "https://bugzilla.suse.com/1247252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38426"
},
{
"cve": "CVE-2025-38428",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38428"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: ims-pcu - check record size in ims_pcu_flash_firmware()\n\nThe \"len\" variable comes from the firmware and we generally do\ntrust firmware, but it\u0027s always better to double check. If the \"len\"\nis too large it could result in memory corruption when we do\n\"memcpy(fragment-\u003edata, rec-\u003edata, len);\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38428",
"url": "https://www.suse.com/security/cve/CVE-2025-38428"
},
{
"category": "external",
"summary": "SUSE Bug 1247150 for CVE-2025-38428",
"url": "https://bugzilla.suse.com/1247150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38428"
},
{
"cve": "CVE-2025-38429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: ep: Update read pointer only after buffer is written\n\nInside mhi_ep_ring_add_element, the read pointer (rd_offset) is updated\nbefore the buffer is written, potentially causing race conditions where\nthe host sees an updated read pointer before the buffer is actually\nwritten. Updating rd_offset prematurely can lead to the host accessing\nan uninitialized or incomplete element, resulting in data corruption.\n\nInvoke the buffer write before updating rd_offset to ensure the element\nis fully written before signaling its availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38429",
"url": "https://www.suse.com/security/cve/CVE-2025-38429"
},
{
"category": "external",
"summary": "SUSE Bug 1247253 for CVE-2025-38429",
"url": "https://bugzilla.suse.com/1247253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38429"
},
{
"cve": "CVE-2025-38430",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38430"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: nfsd4_spo_must_allow() must check this is a v4 compound request\n\nIf the request being processed is not a v4 compound request, then\nexamining the cstate can have undefined results.\n\nThis patch adds a check that the rpc procedure being executed\n(rq_procinfo) is the NFSPROC4_COMPOUND procedure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38430",
"url": "https://www.suse.com/security/cve/CVE-2025-38430"
},
{
"category": "external",
"summary": "SUSE Bug 1247160 for CVE-2025-38430",
"url": "https://bugzilla.suse.com/1247160"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38430"
},
{
"cve": "CVE-2025-38436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/scheduler: signal scheduled fence when kill job\n\nWhen an entity from application B is killed, drm_sched_entity_kill()\nremoves all jobs belonging to that entity through\ndrm_sched_entity_kill_jobs_work(). If application A\u0027s job depends on a\nscheduled fence from application B\u0027s job, and that fence is not properly\nsignaled during the killing process, application A\u0027s dependency cannot be\ncleared.\n\nThis leads to application A hanging indefinitely while waiting for a\ndependency that will never be resolved. Fix this issue by ensuring that\nscheduled fences are properly signaled when an entity is killed, allowing\ndependent applications to continue execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38436",
"url": "https://www.suse.com/security/cve/CVE-2025-38436"
},
{
"category": "external",
"summary": "SUSE Bug 1247227 for CVE-2025-38436",
"url": "https://bugzilla.suse.com/1247227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38436"
},
{
"cve": "CVE-2025-38443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38443"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix uaf in nbd_genl_connect() error path\n\nThere is a use-after-free issue in nbd:\n\nblock nbd6: Receive control failed (result -104)\nblock nbd6: shutting down sockets\n==================================================================\nBUG: KASAN: slab-use-after-free in recv_work+0x694/0xa80 drivers/block/nbd.c:1022\nWrite of size 4 at addr ffff8880295de478 by task kworker/u33:0/67\n\nCPU: 2 UID: 0 PID: 67 Comm: kworker/u33:0 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: nbd6-recv recv_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read_write include/linux/instrumented.h:96 [inline]\n atomic_dec include/linux/atomic/atomic-instrumented.h:592 [inline]\n recv_work+0x694/0xa80 drivers/block/nbd.c:1022\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nnbd_genl_connect() does not properly stop the device on certain\nerror paths after nbd_start_device() has been called. This causes\nthe error path to put nbd-\u003econfig while recv_work continue to use\nthe config after putting it, leading to use-after-free in recv_work.\n\nThis patch moves nbd_start_device() after the backend file creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38443",
"url": "https://www.suse.com/security/cve/CVE-2025-38443"
},
{
"category": "external",
"summary": "SUSE Bug 1247164 for CVE-2025-38443",
"url": "https://bugzilla.suse.com/1247164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38443"
},
{
"cve": "CVE-2025-38448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_serial: Fix race condition in TTY wakeup\n\nA race condition occurs when gs_start_io() calls either gs_start_rx() or\ngs_start_tx(), as those functions briefly drop the port_lock for\nusb_ep_queue(). This allows gs_close() and gserial_disconnect() to clear\nport.tty and port_usb, respectively.\n\nUse the null-safe TTY Port helper function to wake up TTY.\n\nExample\n CPU1:\t\t\t CPU2:\n gserial_connect() // lock\n \t\t\t gs_close() // await lock\n gs_start_rx() // unlock\n usb_ep_queue()\n \t\t\t gs_close() // lock, reset port.tty and unlock\n gs_start_rx() // lock\n tty_wakeup() // NPE",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38448",
"url": "https://www.suse.com/security/cve/CVE-2025-38448"
},
{
"category": "external",
"summary": "SUSE Bug 1247233 for CVE-2025-38448",
"url": "https://bugzilla.suse.com/1247233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38448"
},
{
"cve": "CVE-2025-38449",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38449"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gem: Acquire references on GEM handles for framebuffers\n\nA GEM handle can be released while the GEM buffer object is attached\nto a DRM framebuffer. This leads to the release of the dma-buf backing\nthe buffer object, if any. [1] Trying to use the framebuffer in further\nmode-setting operations leads to a segmentation fault. Most easily\nhappens with driver that use shadow planes for vmap-ing the dma-buf\nduring a page flip. An example is shown below.\n\n[ 156.791968] ------------[ cut here ]------------\n[ 156.796830] WARNING: CPU: 2 PID: 2255 at drivers/dma-buf/dma-buf.c:1527 dma_buf_vmap+0x224/0x430\n[...]\n[ 156.942028] RIP: 0010:dma_buf_vmap+0x224/0x430\n[ 157.043420] Call Trace:\n[ 157.045898] \u003cTASK\u003e\n[ 157.048030] ? show_trace_log_lvl+0x1af/0x2c0\n[ 157.052436] ? show_trace_log_lvl+0x1af/0x2c0\n[ 157.056836] ? show_trace_log_lvl+0x1af/0x2c0\n[ 157.061253] ? drm_gem_shmem_vmap+0x74/0x710\n[ 157.065567] ? dma_buf_vmap+0x224/0x430\n[ 157.069446] ? __warn.cold+0x58/0xe4\n[ 157.073061] ? dma_buf_vmap+0x224/0x430\n[ 157.077111] ? report_bug+0x1dd/0x390\n[ 157.080842] ? handle_bug+0x5e/0xa0\n[ 157.084389] ? exc_invalid_op+0x14/0x50\n[ 157.088291] ? asm_exc_invalid_op+0x16/0x20\n[ 157.092548] ? dma_buf_vmap+0x224/0x430\n[ 157.096663] ? dma_resv_get_singleton+0x6d/0x230\n[ 157.101341] ? __pfx_dma_buf_vmap+0x10/0x10\n[ 157.105588] ? __pfx_dma_resv_get_singleton+0x10/0x10\n[ 157.110697] drm_gem_shmem_vmap+0x74/0x710\n[ 157.114866] drm_gem_vmap+0xa9/0x1b0\n[ 157.118763] drm_gem_vmap_unlocked+0x46/0xa0\n[ 157.123086] drm_gem_fb_vmap+0xab/0x300\n[ 157.126979] drm_atomic_helper_prepare_planes.part.0+0x487/0xb10\n[ 157.133032] ? lockdep_init_map_type+0x19d/0x880\n[ 157.137701] drm_atomic_helper_commit+0x13d/0x2e0\n[ 157.142671] ? drm_atomic_nonblocking_commit+0xa0/0x180\n[ 157.147988] drm_mode_atomic_ioctl+0x766/0xe40\n[...]\n[ 157.346424] ---[ end trace 0000000000000000 ]---\n\nAcquiring GEM handles for the framebuffer\u0027s GEM buffer objects prevents\nthis from happening. The framebuffer\u0027s cleanup later puts the handle\nreferences.\n\nCommit 1a148af06000 (\"drm/gem-shmem: Use dma_buf from GEM object\ninstance\") triggers the segmentation fault easily by using the dma-buf\nfield more widely. The underlying issue with reference counting has\nbeen present before.\n\nv2:\n- acquire the handle instead of the BO (Christian)\n- fix comment style (Christian)\n- drop the Fixes tag (Christian)\n- rename err_ gotos\n- add missing Link tag",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38449",
"url": "https://www.suse.com/security/cve/CVE-2025-38449"
},
{
"category": "external",
"summary": "SUSE Bug 1247255 for CVE-2025-38449",
"url": "https://bugzilla.suse.com/1247255"
},
{
"category": "external",
"summary": "SUSE Bug 1247258 for CVE-2025-38449",
"url": "https://bugzilla.suse.com/1247258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38449"
},
{
"cve": "CVE-2025-38455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight\n\nReject migration of SEV{-ES} state if either the source or destination VM\nis actively creating a vCPU, i.e. if kvm_vm_ioctl_create_vcpu() is in the\nsection between incrementing created_vcpus and online_vcpus. The bulk of\nvCPU creation runs _outside_ of kvm-\u003elock to allow creating multiple vCPUs\nin parallel, and so sev_info.es_active can get toggled from false=\u003etrue in\nthe destination VM after (or during) svm_vcpu_create(), resulting in an\nSEV{-ES} VM effectively having a non-SEV{-ES} vCPU.\n\nThe issue manifests most visibly as a crash when trying to free a vCPU\u0027s\nNULL VMSA page in an SEV-ES VM, but any number of things can go wrong.\n\n BUG: unable to handle page fault for address: ffffebde00000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP KASAN NOPTI\n CPU: 227 UID: 0 PID: 64063 Comm: syz.5.60023 Tainted: G U O 6.15.0-smp-DEV #2 NONE\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:constant_test_bit arch/x86/include/asm/bitops.h:206 [inline]\n RIP: 0010:arch_test_bit arch/x86/include/asm/bitops.h:238 [inline]\n RIP: 0010:_test_bit include/asm-generic/bitops/instrumented-non-atomic.h:142 [inline]\n RIP: 0010:PageHead include/linux/page-flags.h:866 [inline]\n RIP: 0010:___free_pages+0x3e/0x120 mm/page_alloc.c:5067\n Code: \u003c49\u003e f7 06 40 00 00 00 75 05 45 31 ff eb 0c 66 90 4c 89 f0 4c 39 f0\n RSP: 0018:ffff8984551978d0 EFLAGS: 00010246\n RAX: 0000777f80000001 RBX: 0000000000000000 RCX: ffffffff918aeb98\n RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffebde00000000\n RBP: 0000000000000000 R08: ffffebde00000007 R09: 1ffffd7bc0000000\n R10: dffffc0000000000 R11: fffff97bc0000001 R12: dffffc0000000000\n R13: ffff8983e19751a8 R14: ffffebde00000000 R15: 1ffffd7bc0000000\n FS: 0000000000000000(0000) GS:ffff89ee661d3000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffebde00000000 CR3: 000000793ceaa000 CR4: 0000000000350ef0\n DR0: 0000000000000000 DR1: 0000000000000b5f DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n sev_free_vcpu+0x413/0x630 arch/x86/kvm/svm/sev.c:3169\n svm_vcpu_free+0x13a/0x2a0 arch/x86/kvm/svm/svm.c:1515\n kvm_arch_vcpu_destroy+0x6a/0x1d0 arch/x86/kvm/x86.c:12396\n kvm_vcpu_destroy virt/kvm/kvm_main.c:470 [inline]\n kvm_destroy_vcpus+0xd1/0x300 virt/kvm/kvm_main.c:490\n kvm_arch_destroy_vm+0x636/0x820 arch/x86/kvm/x86.c:12895\n kvm_put_kvm+0xb8e/0xfb0 virt/kvm/kvm_main.c:1310\n kvm_vm_release+0x48/0x60 virt/kvm/kvm_main.c:1369\n __fput+0x3e4/0x9e0 fs/file_table.c:465\n task_work_run+0x1a9/0x220 kernel/task_work.c:227\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0x7f0/0x25b0 kernel/exit.c:953\n do_group_exit+0x203/0x2d0 kernel/exit.c:1102\n get_signal+0x1357/0x1480 kernel/signal.c:3034\n arch_do_signal_or_restart+0x40/0x690 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x67/0xb0 kernel/entry/common.c:218\n do_syscall_64+0x7c/0x150 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f87a898e969\n \u003c/TASK\u003e\n Modules linked in: gq(O)\n gsmi: Log Shutdown Reason 0x03\n CR2: ffffebde00000000\n ---[ end trace 0000000000000000 ]---\n\nDeliberately don\u0027t check for a NULL VMSA when freeing the vCPU, as crashing\nthe host is likely desirable due to the VMSA being consumed by hardware.\nE.g. if KVM manages to allow VMRUN on the vCPU, hardware may read/write a\nbogus VMSA page. Accessing P\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38455",
"url": "https://www.suse.com/security/cve/CVE-2025-38455"
},
{
"category": "external",
"summary": "SUSE Bug 1247101 for CVE-2025-38455",
"url": "https://bugzilla.suse.com/1247101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38455"
},
{
"cve": "CVE-2025-38457",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38457"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Abort __tc_modify_qdisc if parent class does not exist\n\nLion\u0027s patch [1] revealed an ancient bug in the qdisc API.\nWhenever a user creates/modifies a qdisc specifying as a parent another\nqdisc, the qdisc API will, during grafting, detect that the user is\nnot trying to attach to a class and reject. However grafting is\nperformed after qdisc_create (and thus the qdiscs\u0027 init callback) is\nexecuted. In qdiscs that eventually call qdisc_tree_reduce_backlog\nduring init or change (such as fq, hhf, choke, etc), an issue\narises. For example, executing the following commands:\n\nsudo tc qdisc add dev lo root handle a: htb default 2\nsudo tc qdisc add dev lo parent a: handle beef fq\n\nQdiscs such as fq, hhf, choke, etc unconditionally invoke\nqdisc_tree_reduce_backlog() in their control path init() or change() which\nthen causes a failure to find the child class; however, that does not stop\nthe unconditional invocation of the assumed child qdisc\u0027s qlen_notify with\na null class. All these qdiscs make the assumption that class is non-null.\n\nThe solution is ensure that qdisc_leaf() which looks up the parent\nclass, and is invoked prior to qdisc_create(), should return failure on\nnot finding the class.\nIn this patch, we leverage qdisc_leaf to return ERR_PTRs whenever the\nparentid doesn\u0027t correspond to a class, so that we can detect it\nearlier on and abort before qdisc_create is called.\n\n[1] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38457",
"url": "https://www.suse.com/security/cve/CVE-2025-38457"
},
{
"category": "external",
"summary": "SUSE Bug 1247098 for CVE-2025-38457",
"url": "https://bugzilla.suse.com/1247098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38457"
},
{
"cve": "CVE-2025-38460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix potential null-ptr-deref in to_atmarpd().\n\natmarpd is protected by RTNL since commit f3a0592b37b8 (\"[ATM]: clip\ncauses unregister hang\").\n\nHowever, it is not enough because to_atmarpd() is called without RTNL,\nespecially clip_neigh_solicit() / neigh_ops-\u003esolicit() is unsleepable.\n\nAlso, there is no RTNL dependency around atmarpd.\n\nLet\u0027s use a private mutex and RCU to protect access to atmarpd in\nto_atmarpd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38460",
"url": "https://www.suse.com/security/cve/CVE-2025-38460"
},
{
"category": "external",
"summary": "SUSE Bug 1247143 for CVE-2025-38460",
"url": "https://bugzilla.suse.com/1247143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38460"
},
{
"cve": "CVE-2025-38461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38461"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Fix transport_* TOCTOU\n\nTransport assignment may race with module unload. Protect new_transport\nfrom becoming a stale pointer.\n\nThis also takes care of an insecure call in vsock_use_local_transport();\nadd a lockdep assert.\n\nBUG: unable to handle page fault for address: fffffbfff8056000\nOops: Oops: 0000 [#1] SMP KASAN\nRIP: 0010:vsock_assign_transport+0x366/0x600\nCall Trace:\n vsock_connect+0x59c/0xc40\n __sys_connect+0xe8/0x100\n __x64_sys_connect+0x6e/0xc0\n do_syscall_64+0x92/0x1c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38461",
"url": "https://www.suse.com/security/cve/CVE-2025-38461"
},
{
"category": "external",
"summary": "SUSE Bug 1247103 for CVE-2025-38461",
"url": "https://bugzilla.suse.com/1247103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38461"
},
{
"cve": "CVE-2025-38462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38462"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Fix transport_{g2h,h2g} TOCTOU\n\nvsock_find_cid() and vsock_dev_do_ioctl() may race with module unload.\ntransport_{g2h,h2g} may become NULL after the NULL check.\n\nIntroduce vsock_transport_local_cid() to protect from a potential\nnull-ptr-deref.\n\nKASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]\nRIP: 0010:vsock_find_cid+0x47/0x90\nCall Trace:\n __vsock_bind+0x4b2/0x720\n vsock_bind+0x90/0xe0\n __sys_bind+0x14d/0x1e0\n __x64_sys_bind+0x6e/0xc0\n do_syscall_64+0x92/0x1c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nKASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]\nRIP: 0010:vsock_dev_do_ioctl.isra.0+0x58/0xf0\nCall Trace:\n __x64_sys_ioctl+0x12d/0x190\n do_syscall_64+0x92/0x1c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38462",
"url": "https://www.suse.com/security/cve/CVE-2025-38462"
},
{
"category": "external",
"summary": "SUSE Bug 1247104 for CVE-2025-38462",
"url": "https://bugzilla.suse.com/1247104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38462"
},
{
"cve": "CVE-2025-38463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38463"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Correct signedness in skb remaining space calculation\n\nSyzkaller reported a bug [1] where sk-\u003esk_forward_alloc can overflow.\n\nWhen we send data, if an skb exists at the tail of the write queue, the\nkernel will attempt to append the new data to that skb. However, the code\nthat checks for available space in the skb is flawed:\n\u0027\u0027\u0027\ncopy = size_goal - skb-\u003elen\n\u0027\u0027\u0027\n\nThe types of the variables involved are:\n\u0027\u0027\u0027\ncopy: ssize_t (s64 on 64-bit systems)\nsize_goal: int\nskb-\u003elen: unsigned int\n\u0027\u0027\u0027\n\nDue to C\u0027s type promotion rules, the signed size_goal is converted to an\nunsigned int to match skb-\u003elen before the subtraction. The result is an\nunsigned int.\n\nWhen this unsigned int result is then assigned to the s64 copy variable,\nit is zero-extended, preserving its non-negative value. Consequently, copy\nis always \u003e= 0.\n\nAssume we are sending 2GB of data and size_goal has been adjusted to a\nvalue smaller than skb-\u003elen. The subtraction will result in copy holding a\nvery large positive integer. In the subsequent logic, this large value is\nused to update sk-\u003esk_forward_alloc, which can easily cause it to overflow.\n\nThe syzkaller reproducer uses TCP_REPAIR to reliably create this\ncondition. However, this can also occur in real-world scenarios. The\ntcp_bound_to_half_wnd() function can also reduce size_goal to a small\nvalue. This would cause the subsequent tcp_wmem_schedule() to set\nsk-\u003esk_forward_alloc to a value close to INT_MAX. Further memory\nallocation requests would then cause sk_forward_alloc to wrap around and\nbecome negative.\n\n[1]: https://syzkaller.appspot.com/bug?extid=de6565462ab540f50e47",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38463",
"url": "https://www.suse.com/security/cve/CVE-2025-38463"
},
{
"category": "external",
"summary": "SUSE Bug 1247113 for CVE-2025-38463",
"url": "https://bugzilla.suse.com/1247113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38463"
},
{
"cve": "CVE-2025-38465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Fix wraparounds of sk-\u003esk_rmem_alloc.\n\nNetlink has this pattern in some places\n\n if (atomic_read(\u0026sk-\u003esk_rmem_alloc) \u003e sk-\u003esk_rcvbuf)\n \tatomic_add(skb-\u003etruesize, \u0026sk-\u003esk_rmem_alloc);\n\n, which has the same problem fixed by commit 5a465a0da13e (\"udp:\nFix multiple wraparounds of sk-\u003esk_rmem_alloc.\").\n\nFor example, if we set INT_MAX to SO_RCVBUFFORCE, the condition\nis always false as the two operands are of int.\n\nThen, a single socket can eat as many skb as possible until OOM\nhappens, and we can see multiple wraparounds of sk-\u003esk_rmem_alloc.\n\nLet\u0027s fix it by using atomic_add_return() and comparing the two\nvariables as unsigned int.\n\nBefore:\n [root@fedora ~]# ss -f netlink\n Recv-Q Send-Q Local Address:Port Peer Address:Port\n -1668710080 0 rtnl:nl_wraparound/293 *\n\nAfter:\n [root@fedora ~]# ss -f netlink\n Recv-Q Send-Q Local Address:Port Peer Address:Port\n 2147483072 0 rtnl:nl_wraparound/290 *\n ^\n `--- INT_MAX - 576",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38465",
"url": "https://www.suse.com/security/cve/CVE-2025-38465"
},
{
"category": "external",
"summary": "SUSE Bug 1247118 for CVE-2025-38465",
"url": "https://bugzilla.suse.com/1247118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38465"
},
{
"cve": "CVE-2025-38467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38467"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/exynos: exynos7_drm_decon: add vblank check in IRQ handling\n\nIf there\u0027s support for another console device (such as a TTY serial),\nthe kernel occasionally panics during boot. The panic message and a\nrelevant snippet of the call stack is as follows:\n\n Unable to handle kernel NULL pointer dereference at virtual address 000000000000000\n Call trace:\n drm_crtc_handle_vblank+0x10/0x30 (P)\n decon_irq_handler+0x88/0xb4\n [...]\n\nOtherwise, the panics don\u0027t happen. This indicates that it\u0027s some sort\nof race condition.\n\nAdd a check to validate if the drm device can handle vblanks before\ncalling drm_crtc_handle_vblank() to avoid this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38467",
"url": "https://www.suse.com/security/cve/CVE-2025-38467"
},
{
"category": "external",
"summary": "SUSE Bug 1247146 for CVE-2025-38467",
"url": "https://bugzilla.suse.com/1247146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38467"
},
{
"cve": "CVE-2025-38468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38468"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree\n\nhtb_lookup_leaf has a BUG_ON that can trigger with the following:\n\ntc qdisc del dev lo root\ntc qdisc add dev lo root handle 1: htb default 1\ntc class add dev lo parent 1: classid 1:1 htb rate 64bit\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2:1 handle 3: blackhole\nping -I lo -c1 -W0.001 127.0.0.1\n\nThe root cause is the following:\n\n1. htb_dequeue calls htb_dequeue_tree which calls the dequeue handler on\n the selected leaf qdisc\n2. netem_dequeue calls enqueue on the child qdisc\n3. blackhole_enqueue drops the packet and returns a value that is not\n just NET_XMIT_SUCCESS\n4. Because of this, netem_dequeue calls qdisc_tree_reduce_backlog, and\n since qlen is now 0, it calls htb_qlen_notify -\u003e htb_deactivate -\u003e\n htb_deactiviate_prios -\u003e htb_remove_class_from_row -\u003e htb_safe_rb_erase\n5. As this is the only class in the selected hprio rbtree,\n __rb_change_child in __rb_erase_augmented sets the rb_root pointer to\n NULL\n6. Because blackhole_dequeue returns NULL, netem_dequeue returns NULL,\n which causes htb_dequeue_tree to call htb_lookup_leaf with the same\n hprio rbtree, and fail the BUG_ON\n\nThe function graph for this scenario is shown here:\n 0) | htb_enqueue() {\n 0) + 13.635 us | netem_enqueue();\n 0) 4.719 us | htb_activate_prios();\n 0) # 2249.199 us | }\n 0) | htb_dequeue() {\n 0) 2.355 us | htb_lookup_leaf();\n 0) | netem_dequeue() {\n 0) + 11.061 us | blackhole_enqueue();\n 0) | qdisc_tree_reduce_backlog() {\n 0) | qdisc_lookup_rcu() {\n 0) 1.873 us | qdisc_match_from_root();\n 0) 6.292 us | }\n 0) 1.894 us | htb_search();\n 0) | htb_qlen_notify() {\n 0) 2.655 us | htb_deactivate_prios();\n 0) 6.933 us | }\n 0) + 25.227 us | }\n 0) 1.983 us | blackhole_dequeue();\n 0) + 86.553 us | }\n 0) # 2932.761 us | qdisc_warn_nonwc();\n 0) | htb_lookup_leaf() {\n 0) | BUG_ON();\n ------------------------------------------\n\nThe full original bug report can be seen here [1].\n\nWe can fix this just by returning NULL instead of the BUG_ON,\nas htb_dequeue_tree returns NULL when htb_lookup_leaf returns\nNULL.\n\n[1] https://lore.kernel.org/netdev/pF5XOOIim0IuEfhI-SOxTgRvNoDwuux7UHKnE_Y5-zVd4wmGvNk2ceHjKb8ORnzw0cGwfmVu42g9dL7XyJLf1NEzaztboTWcm0Ogxuojoeo=@willsroot.io/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38468",
"url": "https://www.suse.com/security/cve/CVE-2025-38468"
},
{
"category": "external",
"summary": "SUSE Bug 1247437 for CVE-2025-38468",
"url": "https://bugzilla.suse.com/1247437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38468"
},
{
"cve": "CVE-2025-38470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime\n\nAssuming the \"rx-vlan-filter\" feature is enabled on a net device, the\n8021q module will automatically add or remove VLAN 0 when the net device\nis put administratively up or down, respectively. There are a couple of\nproblems with the above scheme.\n\nThe first problem is a memory leak that can happen if the \"rx-vlan-filter\"\nfeature is disabled while the device is running:\n\n # ip link add bond1 up type bond mode 0\n # ethtool -K bond1 rx-vlan-filter off\n # ip link del dev bond1\n\nWhen the device is put administratively down the \"rx-vlan-filter\"\nfeature is disabled, so the 8021q module will not remove VLAN 0 and the\nmemory will be leaked [1].\n\nAnother problem that can happen is that the kernel can automatically\ndelete VLAN 0 when the device is put administratively down despite not\nadding it when the device was put administratively up since during that\ntime the \"rx-vlan-filter\" feature was disabled. null-ptr-unref or\nbug_on[2] will be triggered by unregister_vlan_dev() for refcount\nimbalance if toggling filtering during runtime:\n\n$ ip link add bond0 type bond mode 0\n$ ip link add link bond0 name vlan0 type vlan id 0 protocol 802.1q\n$ ethtool -K bond0 rx-vlan-filter off\n$ ifconfig bond0 up\n$ ethtool -K bond0 rx-vlan-filter on\n$ ifconfig bond0 down\n$ ip link del vlan0\n\nRoot cause is as below:\nstep1: add vlan0 for real_dev, such as bond, team.\nregister_vlan_dev\n vlan_vid_add(real_dev,htons(ETH_P_8021Q),0) //refcnt=1\nstep2: disable vlan filter feature and enable real_dev\nstep3: change filter from 0 to 1\nvlan_device_event\n vlan_filter_push_vids\n ndo_vlan_rx_add_vid //No refcnt added to real_dev vlan0\nstep4: real_dev down\nvlan_device_event\n vlan_vid_del(dev, htons(ETH_P_8021Q), 0); //refcnt=0\n vlan_info_rcu_free //free vlan0\nstep5: delete vlan0\nunregister_vlan_dev\n BUG_ON(!vlan_info); //vlan_info is null\n\nFix both problems by noting in the VLAN info whether VLAN 0 was\nautomatically added upon NETDEV_UP and based on that decide whether it\nshould be deleted upon NETDEV_DOWN, regardless of the state of the\n\"rx-vlan-filter\" feature.\n\n[1]\nunreferenced object 0xffff8880068e3100 (size 256):\n comm \"ip\", pid 384, jiffies 4296130254\n hex dump (first 32 bytes):\n 00 20 30 0d 80 88 ff ff 00 00 00 00 00 00 00 00 . 0.............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 81ce31fa):\n __kmalloc_cache_noprof+0x2b5/0x340\n vlan_vid_add+0x434/0x940\n vlan_device_event.cold+0x75/0xa8\n notifier_call_chain+0xca/0x150\n __dev_notify_flags+0xe3/0x250\n rtnl_configure_link+0x193/0x260\n rtnl_newlink_create+0x383/0x8e0\n __rtnl_newlink+0x22c/0xa40\n rtnl_newlink+0x627/0xb00\n rtnetlink_rcv_msg+0x6fb/0xb70\n netlink_rcv_skb+0x11f/0x350\n netlink_unicast+0x426/0x710\n netlink_sendmsg+0x75a/0xc20\n __sock_sendmsg+0xc1/0x150\n ____sys_sendmsg+0x5aa/0x7b0\n ___sys_sendmsg+0xfc/0x180\n\n[2]\nkernel BUG at net/8021q/vlan.c:99!\nOops: invalid opcode: 0000 [#1] SMP KASAN PTI\nCPU: 0 UID: 0 PID: 382 Comm: ip Not tainted 6.16.0-rc3 #61 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:unregister_vlan_dev (net/8021q/vlan.c:99 (discriminator 1))\nRSP: 0018:ffff88810badf310 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810da84000 RCX: ffffffffb47ceb9a\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88810e8b43c8\nRBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6cefe80\nR10: ffffffffb677f407 R11: ffff88810badf3c0 R12: ffff88810e8b4000\nR13: 0000000000000000 R14: ffff88810642a5c0 R15: 000000000000017e\nFS: 00007f1ff68c20c0(0000) GS:ffff888163a24000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1ff5dad240 CR3: 0000000107e56000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38470",
"url": "https://www.suse.com/security/cve/CVE-2025-38470"
},
{
"category": "external",
"summary": "SUSE Bug 1247288 for CVE-2025-38470",
"url": "https://bugzilla.suse.com/1247288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38470"
},
{
"cve": "CVE-2025-38471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38471"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: always refresh the queue when reading sock\n\nAfter recent changes in net-next TCP compacts skbs much more\naggressively. This unearthed a bug in TLS where we may try\nto operate on an old skb when checking if all skbs in the\nqueue have matching decrypt state and geometry.\n\n BUG: KASAN: slab-use-after-free in tls_strp_check_rcv+0x898/0x9a0 [tls]\n (net/tls/tls_strp.c:436 net/tls/tls_strp.c:530 net/tls/tls_strp.c:544)\n Read of size 4 at addr ffff888013085750 by task tls/13529\n\n CPU: 2 UID: 0 PID: 13529 Comm: tls Not tainted 6.16.0-rc5-virtme\n Call Trace:\n kasan_report+0xca/0x100\n tls_strp_check_rcv+0x898/0x9a0 [tls]\n tls_rx_rec_wait+0x2c9/0x8d0 [tls]\n tls_sw_recvmsg+0x40f/0x1aa0 [tls]\n inet_recvmsg+0x1c3/0x1f0\n\nAlways reload the queue, fast path is to have the record in the queue\nwhen we wake, anyway (IOW the path going down \"if !strp-\u003estm.full_len\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38471",
"url": "https://www.suse.com/security/cve/CVE-2025-38471"
},
{
"category": "external",
"summary": "SUSE Bug 1247450 for CVE-2025-38471",
"url": "https://bugzilla.suse.com/1247450"
},
{
"category": "external",
"summary": "SUSE Bug 1247452 for CVE-2025-38471",
"url": "https://bugzilla.suse.com/1247452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38471"
},
{
"cve": "CVE-2025-38473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()\n\nsyzbot reported null-ptr-deref in l2cap_sock_resume_cb(). [0]\n\nl2cap_sock_resume_cb() has a similar problem that was fixed by commit\n1bff51ea59a9 (\"Bluetooth: fix use-after-free error in lock_sock_nested()\").\n\nSince both l2cap_sock_kill() and l2cap_sock_resume_cb() are executed\nunder l2cap_sock_resume_cb(), we can avoid the issue simply by checking\nif chan-\u003edata is NULL.\n\nLet\u0027s not access to the killed socket in l2cap_sock_resume_cb().\n\n[0]:\nBUG: KASAN: null-ptr-deref in instrument_atomic_write include/linux/instrumented.h:82 [inline]\nBUG: KASAN: null-ptr-deref in clear_bit include/asm-generic/bitops/instrumented-atomic.h:41 [inline]\nBUG: KASAN: null-ptr-deref in l2cap_sock_resume_cb+0xb4/0x17c net/bluetooth/l2cap_sock.c:1711\nWrite of size 8 at addr 0000000000000570 by task kworker/u9:0/52\n\nCPU: 1 UID: 0 PID: 52 Comm: kworker/u9:0 Not tainted 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nWorkqueue: hci0 hci_rx_work\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:501 (C)\n __dump_stack+0x30/0x40 lib/dump_stack.c:94\n dump_stack_lvl+0xd8/0x12c lib/dump_stack.c:120\n print_report+0x58/0x84 mm/kasan/report.c:524\n kasan_report+0xb0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2a4 mm/kasan/generic.c:189\n __kasan_check_write+0x20/0x30 mm/kasan/shadow.c:37\n instrument_atomic_write include/linux/instrumented.h:82 [inline]\n clear_bit include/asm-generic/bitops/instrumented-atomic.h:41 [inline]\n l2cap_sock_resume_cb+0xb4/0x17c net/bluetooth/l2cap_sock.c:1711\n l2cap_security_cfm+0x524/0xea0 net/bluetooth/l2cap_core.c:7357\n hci_auth_cfm include/net/bluetooth/hci_core.h:2092 [inline]\n hci_auth_complete_evt+0x2e8/0xa4c net/bluetooth/hci_event.c:3514\n hci_event_func net/bluetooth/hci_event.c:7511 [inline]\n hci_event_packet+0x650/0xe9c net/bluetooth/hci_event.c:7565\n hci_rx_work+0x320/0xb18 net/bluetooth/hci_core.c:4070\n process_one_work+0x7e8/0x155c kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3321 [inline]\n worker_thread+0x958/0xed8 kernel/workqueue.c:3402\n kthread+0x5fc/0x75c kernel/kthread.c:464\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:847",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38473",
"url": "https://www.suse.com/security/cve/CVE-2025-38473"
},
{
"category": "external",
"summary": "SUSE Bug 1247289 for CVE-2025-38473",
"url": "https://bugzilla.suse.com/1247289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38473"
},
{
"cve": "CVE-2025-38474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: net: sierra: check for no status endpoint\n\nThe driver checks for having three endpoints and\nhaving bulk in and out endpoints, but not that\nthe third endpoint is interrupt input.\nRectify the omission.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38474",
"url": "https://www.suse.com/security/cve/CVE-2025-38474"
},
{
"category": "external",
"summary": "SUSE Bug 1247311 for CVE-2025-38474",
"url": "https://bugzilla.suse.com/1247311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38474"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\n\nA race condition can occur when \u0027agg\u0027 is modified in qfq_change_agg\n(called during qfq_enqueue) while other threads access it\nconcurrently. For example, qfq_dump_class may trigger a NULL\ndereference, and qfq_delete_class may cause a use-after-free.\n\nThis patch addresses the issue by:\n\n1. Moved qfq_destroy_class into the critical section.\n\n2. Added sch_tree_lock protection to qfq_dump_class and\nqfq_dump_class_stats.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38477",
"url": "https://www.suse.com/security/cve/CVE-2025-38477"
},
{
"category": "external",
"summary": "SUSE Bug 1247314 for CVE-2025-38477",
"url": "https://bugzilla.suse.com/1247314"
},
{
"category": "external",
"summary": "SUSE Bug 1247315 for CVE-2025-38477",
"url": "https://bugzilla.suse.com/1247315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38477"
},
{
"cve": "CVE-2025-38478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fix initialization of data for instructions that write to subdevice\n\nSome Comedi subdevice instruction handlers are known to access\ninstruction data elements beyond the first `insn-\u003en` elements in some\ncases. The `do_insn_ioctl()` and `do_insnlist_ioctl()` functions\nallocate at least `MIN_SAMPLES` (16) data elements to deal with this,\nbut they do not initialize all of that. For Comedi instruction codes\nthat write to the subdevice, the first `insn-\u003en` data elements are\ncopied from user-space, but the remaining elements are left\nuninitialized. That could be a problem if the subdevice instruction\nhandler reads the uninitialized data. Ensure that the first\n`MIN_SAMPLES` elements are initialized before calling these instruction\nhandlers, filling the uncopied elements with 0. For\n`do_insnlist_ioctl()`, the same data buffer elements are used for\nhandling a list of instructions, so ensure the first `MIN_SAMPLES`\nelements are initialized for each instruction that writes to the\nsubdevice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38478",
"url": "https://www.suse.com/security/cve/CVE-2025-38478"
},
{
"category": "external",
"summary": "SUSE Bug 1247273 for CVE-2025-38478",
"url": "https://bugzilla.suse.com/1247273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38478"
},
{
"cve": "CVE-2025-38480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fix use of uninitialized data in insn_rw_emulate_bits()\n\nFor Comedi `INSN_READ` and `INSN_WRITE` instructions on \"digital\"\nsubdevices (subdevice types `COMEDI_SUBD_DI`, `COMEDI_SUBD_DO`, and\n`COMEDI_SUBD_DIO`), it is common for the subdevice driver not to have\n`insn_read` and `insn_write` handler functions, but to have an\n`insn_bits` handler function for handling Comedi `INSN_BITS`\ninstructions. In that case, the subdevice\u0027s `insn_read` and/or\n`insn_write` function handler pointers are set to point to the\n`insn_rw_emulate_bits()` function by `__comedi_device_postconfig()`.\n\nFor `INSN_WRITE`, `insn_rw_emulate_bits()` currently assumes that the\nsupplied `data[0]` value is a valid copy from user memory. It will at\nleast exist because `do_insnlist_ioctl()` and `do_insn_ioctl()` in\n\"comedi_fops.c\" ensure at lease `MIN_SAMPLES` (16) elements are\nallocated. However, if `insn-\u003en` is 0 (which is allowable for\n`INSN_READ` and `INSN_WRITE` instructions, then `data[0]` may contain\nuninitialized data, and certainly contains invalid data, possibly from a\ndifferent instruction in the array of instructions handled by\n`do_insnlist_ioctl()`. This will result in an incorrect value being\nwritten to the digital output channel (or to the digital input/output\nchannel if configured as an output), and may be reflected in the\ninternal saved state of the channel.\n\nFix it by returning 0 early if `insn-\u003en` is 0, before reaching the code\nthat accesses `data[0]`. Previously, the function always returned 1 on\nsuccess, but it is supposed to be the number of data samples actually\nread or written up to `insn-\u003en`, which is 0 in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38480",
"url": "https://www.suse.com/security/cve/CVE-2025-38480"
},
{
"category": "external",
"summary": "SUSE Bug 1247274 for CVE-2025-38480",
"url": "https://bugzilla.suse.com/1247274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38480"
},
{
"cve": "CVE-2025-38481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38481"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large\n\nThe handling of the `COMEDI_INSNLIST` ioctl allocates a kernel buffer to\nhold the array of `struct comedi_insn`, getting the length from the\n`n_insns` member of the `struct comedi_insnlist` supplied by the user.\nThe allocation will fail with a WARNING and a stack dump if it is too\nlarge.\n\nAvoid that by failing with an `-EINVAL` error if the supplied `n_insns`\nvalue is unreasonable.\n\nDefine the limit on the `n_insns` value in the `MAX_INSNS` macro. Set\nthis to the same value as `MAX_SAMPLES` (65536), which is the maximum\nallowed sum of the values of the member `n` in the array of `struct\ncomedi_insn`, and sensible comedi instructions will have an `n` of at\nleast 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38481",
"url": "https://www.suse.com/security/cve/CVE-2025-38481"
},
{
"category": "external",
"summary": "SUSE Bug 1247276 for CVE-2025-38481",
"url": "https://bugzilla.suse.com/1247276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "low"
}
],
"title": "CVE-2025-38481"
},
{
"cve": "CVE-2025-38482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38482"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: das6402: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\t/* IRQs 2,3,5,6,7, 10,11,15 are valid for \"enhanced\" mode */\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0x8cec) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38482",
"url": "https://www.suse.com/security/cve/CVE-2025-38482"
},
{
"category": "external",
"summary": "SUSE Bug 1247277 for CVE-2025-38482",
"url": "https://bugzilla.suse.com/1247277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38482"
},
{
"cve": "CVE-2025-38483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: das16m1: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\t/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38483",
"url": "https://www.suse.com/security/cve/CVE-2025-38483"
},
{
"category": "external",
"summary": "SUSE Bug 1247278 for CVE-2025-38483",
"url": "https://bugzilla.suse.com/1247278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38483"
},
{
"cve": "CVE-2025-38485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush\n\nfxls8962af_fifo_flush() uses indio_dev-\u003eactive_scan_mask (with\niio_for_each_active_channel()) without making sure the indio_dev\nstays in buffer mode.\nThere is a race if indio_dev exits buffer mode in the middle of the\ninterrupt that flushes the fifo. Fix this by calling\nsynchronize_irq() to ensure that no interrupt is currently running when\ndisabling buffer mode.\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000 when read\n[...]\n_find_first_bit_le from fxls8962af_fifo_flush+0x17c/0x290\nfxls8962af_fifo_flush from fxls8962af_interrupt+0x80/0x178\nfxls8962af_interrupt from irq_thread_fn+0x1c/0x7c\nirq_thread_fn from irq_thread+0x110/0x1f4\nirq_thread from kthread+0xe0/0xfc\nkthread from ret_from_fork+0x14/0x2c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38485",
"url": "https://www.suse.com/security/cve/CVE-2025-38485"
},
{
"category": "external",
"summary": "SUSE Bug 1247236 for CVE-2025-38485",
"url": "https://bugzilla.suse.com/1247236"
},
{
"category": "external",
"summary": "SUSE Bug 1247237 for CVE-2025-38485",
"url": "https://bugzilla.suse.com/1247237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38485"
},
{
"cve": "CVE-2025-38487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38487"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: lpc-snoop: Don\u0027t disable channels that aren\u0027t enabled\n\nMitigate e.g. the following:\n\n # echo 1e789080.lpc-snoop \u003e /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind\n ...\n [ 120.363594] Unable to handle kernel NULL pointer dereference at virtual address 00000004 when write\n [ 120.373866] [00000004] *pgd=00000000\n [ 120.377910] Internal error: Oops: 805 [#1] SMP ARM\n [ 120.383306] CPU: 1 UID: 0 PID: 315 Comm: sh Not tainted 6.15.0-rc1-00009-g926217bc7d7d-dirty #20 NONE\n ...\n [ 120.679543] Call trace:\n [ 120.679559] misc_deregister from aspeed_lpc_snoop_remove+0x84/0xac\n [ 120.692462] aspeed_lpc_snoop_remove from platform_remove+0x28/0x38\n [ 120.700996] platform_remove from device_release_driver_internal+0x188/0x200\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38487",
"url": "https://www.suse.com/security/cve/CVE-2025-38487"
},
{
"category": "external",
"summary": "SUSE Bug 1247238 for CVE-2025-38487",
"url": "https://bugzilla.suse.com/1247238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38487"
},
{
"cve": "CVE-2025-38489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38489"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again\n\nCommit 7ded842b356d (\"s390/bpf: Fix bpf_plt pointer arithmetic\") has\naccidentally removed the critical piece of commit c730fce7c70c\n(\"s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL\"), causing\nintermittent kernel panics in e.g. perf\u0027s on_switch() prog to reappear.\n\nRestore the fix and add a comment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38489",
"url": "https://www.suse.com/security/cve/CVE-2025-38489"
},
{
"category": "external",
"summary": "SUSE Bug 1247241 for CVE-2025-38489",
"url": "https://bugzilla.suse.com/1247241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38489"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38494"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: do not bypass hid_hw_raw_request\n\nhid_hw_raw_request() is actually useful to ensure the provided buffer\nand length are valid. Directly calling in the low level transport driver\nfunction bypassed those checks and allowed invalid paramto be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38494",
"url": "https://www.suse.com/security/cve/CVE-2025-38494"
},
{
"category": "external",
"summary": "SUSE Bug 1247349 for CVE-2025-38494",
"url": "https://bugzilla.suse.com/1247349"
},
{
"category": "external",
"summary": "SUSE Bug 1247350 for CVE-2025-38494",
"url": "https://bugzilla.suse.com/1247350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38494"
},
{
"cve": "CVE-2025-38495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: ensure the allocated report buffer can contain the reserved report ID\n\nWhen the report ID is not used, the low level transport drivers expect\nthe first byte to be 0. However, currently the allocated buffer not\naccount for that extra byte, meaning that instead of having 8 guaranteed\nbytes for implement to be working, we only have 7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38495",
"url": "https://www.suse.com/security/cve/CVE-2025-38495"
},
{
"category": "external",
"summary": "SUSE Bug 1247348 for CVE-2025-38495",
"url": "https://bugzilla.suse.com/1247348"
},
{
"category": "external",
"summary": "SUSE Bug 1247351 for CVE-2025-38495",
"url": "https://bugzilla.suse.com/1247351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38495"
},
{
"cve": "CVE-2025-38496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: fix sched in atomic context\n\nIf \"try_verify_in_tasklet\" is set for dm-verity, DM_BUFIO_CLIENT_NO_SLEEP\nis enabled for dm-bufio. However, when bufio tries to evict buffers, there\nis a chance to trigger scheduling in spin_lock_bh, the following warning\nis hit:\n\nBUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2745\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 123, name: kworker/2:2\npreempt_count: 201, expected: 0\nRCU nest depth: 0, expected: 0\n4 locks held by kworker/2:2/123:\n #0: ffff88800a2d1548 ((wq_completion)dm_bufio_cache){....}-{0:0}, at: process_one_work+0xe46/0x1970\n #1: ffffc90000d97d20 ((work_completion)(\u0026dm_bufio_replacement_work)){....}-{0:0}, at: process_one_work+0x763/0x1970\n #2: ffffffff8555b528 (dm_bufio_clients_lock){....}-{3:3}, at: do_global_cleanup+0x1ce/0x710\n #3: ffff88801d5820b8 (\u0026c-\u003espinlock){....}-{2:2}, at: do_global_cleanup+0x2a5/0x710\nPreemption disabled at:\n[\u003c0000000000000000\u003e] 0x0\nCPU: 2 UID: 0 PID: 123 Comm: kworker/2:2 Not tainted 6.16.0-rc3-g90548c634bd0 #305 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nWorkqueue: dm_bufio_cache do_global_cleanup\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x53/0x70\n __might_resched+0x360/0x4e0\n do_global_cleanup+0x2f5/0x710\n process_one_work+0x7db/0x1970\n worker_thread+0x518/0xea0\n kthread+0x359/0x690\n ret_from_fork+0xf3/0x1b0\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThat can be reproduced by:\n\n veritysetup format --data-block-size=4096 --hash-block-size=4096 /dev/vda /dev/vdb\n SIZE=$(blockdev --getsz /dev/vda)\n dmsetup create myverity -r --table \"0 $SIZE verity 1 /dev/vda /dev/vdb 4096 4096 \u003cdata_blocks\u003e 1 sha256 \u003croot_hash\u003e \u003csalt\u003e 1 try_verify_in_tasklet\"\n mount /dev/dm-0 /mnt -o ro\n echo 102400 \u003e /sys/module/dm_bufio/parameters/max_cache_size_bytes\n [read files in /mnt]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38496",
"url": "https://www.suse.com/security/cve/CVE-2025-38496"
},
{
"category": "external",
"summary": "SUSE Bug 1247284 for CVE-2025-38496",
"url": "https://bugzilla.suse.com/1247284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38496"
},
{
"cve": "CVE-2025-38497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38497"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: configfs: Fix OOB read on empty string write\n\nWhen writing an empty string to either \u0027qw_sign\u0027 or \u0027landingPage\u0027\nsysfs attributes, the store functions attempt to access page[l - 1]\nbefore validating that the length \u0027l\u0027 is greater than zero.\n\nThis patch fixes the vulnerability by adding a check at the beginning\nof os_desc_qw_sign_store() and webusb_landingPage_store() to handle\nthe zero-length input case gracefully by returning immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38497",
"url": "https://www.suse.com/security/cve/CVE-2025-38497"
},
{
"category": "external",
"summary": "SUSE Bug 1247347 for CVE-2025-38497",
"url": "https://bugzilla.suse.com/1247347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-38497"
},
{
"cve": "CVE-2025-38498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_change_type(): refuse to operate on unmounted/not ours mounts\n\nEnsure that propagation settings can only be changed for mounts located\nin the caller\u0027s mount namespace. This change aligns permission checking\nwith the rest of mount(2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38498",
"url": "https://www.suse.com/security/cve/CVE-2025-38498"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-38498",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1247499 for CVE-2025-38498",
"url": "https://bugzilla.suse.com/1247499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-38498"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.28.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.28.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.28.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-20T07:24:58Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
}
]
}
suse-su-2025:03633-1
Vulnerability from csaf_suse
Published
2025-10-17 14:32
Modified
2025-10-17 14:32
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38216: iommu/vt-d: Restore context entry setup order for aliased devices (bsc#1245963).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38628: vdpa/mlx5: Fix release of uninitialized resources on error path (bsc#1248616).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38710: gfs2: Validate i_depth for exhash directories (bsc#1249201).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39816: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths (bsc#1249906).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39830: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (bsc#1249974).
- CVE-2025-39834: net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow (bsc#1250021).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-39922: ixgbe: fix incorrect map used in eee linkmode (bsc#1250722).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT (git-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: qcom: use drvdata instead of component to keep id (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Add alt-commit to drm v3d patch
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: ISO: free rx_skb if not consumed (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements (git-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Correct typos of References tags in some patches
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for 'spurious' preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb 'force_immediate_exit' into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Limit patch filenames to 100 characters (bsc#1249604).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes)
- RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).
- RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Revert 'SUNRPC: Do not allow waiting for exiting tasks' (git-fixes).
- Revert 'drm/amdgpu: fix incorrect vm flags to map bo' (stable-fixes).
- Revert 'gpio: mlxbf3: only get IRQ for device instance 0' (git-fixes).
- Revert 'usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running' (git-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes).
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf/selftests: Fix test_tcpnotify_user (poo#189822).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon - re-enable address prefetch after device resuming (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - request reserved interrupt for virtual function (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations (git-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- devlink: add value check to devlink_info_version_put() (bsc#1245410 jsc#PED-12320).
- devlink: let driver opt out of automatic phys_port_name generation (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Allow DCN301 to clear update flags (git-fixes).
- drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG (stable-fixes).
- drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Do not print errors for nonexistent connectors (git-fixes).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Fix mismatch type comparison (stable-fixes).
- drm/amd/display: Fix unnecessary cast warnings from checkpatch (stable-fixes).
- drm/amd/display: Initialize mode_select to 0 (stable-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Reduce accessing remote DPCD overhead (git-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes).
- drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes).
- drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amd/pm: fix null pointer access (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu/discovery: fix fw based ip discovery (git-fixes).
- drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes).
- drm/amdgpu/mes: add missing locking in helper functions (stable-fixes).
- drm/amdgpu/swm14: Update power limit logic (stable-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: Fix Circular Locking Dependency in AMDGPU GFX Isolation (git-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes).
- drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-fixes).
- drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes).
- drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: fix incorrect MALL size for GFX1151 (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: fix vram reservation issue (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/ast: Use msleep instead of mdelay for edid read (git-fixes).
- drm/bridge: fix OF node leak (git-fixes).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/cirrus-qemu: Fix pitch programming (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes).
- drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes).
- drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes).
- drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes).
- drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes).
- drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes).
- drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes).
- drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes).
- drm/i915/icl+/tc: Cache the max lane count value (stable-fixes).
- drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes).
- drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dp: account for widebus and yuv420 during mode validation (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Add error handling for krealloc in metadata setup (stable-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: update the high bitfield of certain DSI registers (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/nouveau: select FW caching (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/panthor: Defer scheduler entitiy destruction to queue release (git-fixes).
- drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes).
- drm/panthor: validate group queue count (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm/simpledrm: Do not upcast in release helpers (git-fixes).
- drm/tests: Fix endian warning (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- drm/xe/bmg: Add new PCI IDs (stable-fixes).
- drm/xe/bmg: Update Wa_22019338487 (git-fixes).
- drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes).
- drm/xe/tile: Release kobject for the failure path (git-fixes).
- drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes).
- drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes).
- drm/xe/xe_sync: avoid race during ufence signaling (git-fixes).
- drm/xe: Allow dropping kunit dependency as built-in (git-fixes).
- drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes).
- drm/xe: Carve out wopcm portion from the stolen memory (git-fixes).
- drm/xe: Do not trigger rebind on initial dma-buf validation (git-fixes).
- drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes).
- drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-fixes).
- drm/xe: Fix and re-enable xe_print_blob_ascii85() (git-fixes).
- drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes).
- drm/xe: Move page fault init after topology init (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- i3c: master: svc: Use manual response for IBI events (git-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- ixgbe: add .info_get extension specific for E610 devices (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 functions for acquiring flash data (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 functions getting PBA and FW ver info (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 implementation of FW recovery mode (bsc#1245410 jsc#PED-12320).
- ixgbe: add FW API version check (bsc#1245410 jsc#PED-12320).
- ixgbe: add device flash update via devlink (bsc#1245410 jsc#PED-12320).
- ixgbe: add handler for devlink .info_get() (bsc#1245410 jsc#PED-12320).
- ixgbe: add initial devlink support (bsc#1245410 jsc#PED-12320).
- ixgbe: add support for FW rollback mode (bsc#1245410 jsc#PED-12320).
- ixgbe: add support for devlink reload (bsc#1245410 jsc#PED-12320).
- ixgbe: extend .info_get() with stored versions (bsc#1245410 jsc#PED-12320).
- ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410).
- ixgbe: prevent from unwanted interface name changes (git-fixes).
- ixgbe: read the OROM version information (bsc#1245410 jsc#PED-12320).
- ixgbe: read the netlist version information (bsc#1245410 jsc#PED-12320).
- ixgbe: wrap netdev_priv() usage (bsc#1245410 jsc#PED-12320).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for 'netfilter: nf_tables: Audit log rule reset' (git-fixes).
- kABI workaround for 'drm/dp: Add an EDID quirk for the DPCD register access probe' (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- kselftest/runner.sh: add netns support
- kselftests: Sort the collections list to avoid duplicate tests
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- livepatch: Add 'replace' sysfs attribute (poo#187320).
- livepatch: Add stack_order sysfs attribute (poo#187320).
- livepatch: Move tests from lib/livepatch to selftests/livepatch
- livepatch: Replace snprintf() with sysfs_emit() (poo#187320).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: chips-media: wave5: Fix gray color on screen (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-auth: do not re-authenticate queues with no prior authentication (bsc#1227555).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvme-tcp: remove tag set when second admin queue config fails (git-fixes).
- nvmet-auth: always free derived key data (git-fixes).
- nvmet-auth: authenticate on admin queue only (bsc#1227555).
- nvmet: auth: use NULL to clear a pointer in (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes).
- platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (git-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Udate OBS repositories
- rpm/config.sh: Update Leap project
- rpm: Configure KABI checkingness macro (bsc#1249186).
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes bsc#1249183).
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/debug: Add a reverse mode for debug_dump() (git-fixes jsc#PED-13260).
- s390/debug: Add debug_dump() to write debug view to a string buffer (git-fixes jsc#PED-13260).
- s390/debug: Simplify and document debug_next_entry() logic (git-fixes jsc#PED-13260).
- s390/debug: Split private data alloc/free out of file operations (git-fixes jsc#PED-13260).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Add pci_msg debug view to PCI report (git-fixes jsc#PED-13260).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/pci: Report PCI error recovery results via SCLP (git-fixes jsc#PED-13260).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- scsi: Revert 'scsi: iscsi: Fix HW conn removal use after free' (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests/livepatch: Add selftests for 'replace' sysfs attribute
- selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320).
- selftests/livepatch: Replace hardcoded module name with variable in
- selftests/livepatch: define max test-syscall processes
- selftests/livepatch: fix and refactor new dmesg message code
- selftests/livepatch: wait for atomic replace to occur
- selftests/run_kselftest.sh: Fix help string for --per-test-log
- selftests/run_kselftest.sh: Use readlink if realpath is not available
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: allow runners to override the timeout
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- selftests: livepatch: Add initial .gitignore
- selftests: livepatch: Avoid running the tests if kernel-devel is
- selftests: livepatch: Test atomic replace against multiple modules
- selftests: livepatch: Test livepatching a heavily called syscall
- selftests: livepatch: add new ftrace helpers functions
- selftests: livepatch: add test cases of stack_order sysfs interface
- selftests: livepatch: handle PRINTK_CALLER in check_result()
- selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR
- selftests: livepatch: save and restore kprobe state
- selftests: livepatch: test if ftrace can trace a livepatched function
- selftests: livepatch: test livepatching a kprobed function
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- serial: core: fix OF node leak (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-fixes).
- usb: typec: tipd: Clear interrupts first (git-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes).
- wifi: ath11k: Fix DMA buffer allocation to resolve SWIOTLB issues (stable-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes).
- wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes).
- wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes).
- wifi: ath12k: fix the fetching of combined rssi (git-fixes).
- wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: ath12k: fix wrong logging ID used for CE (git-fixes).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: Remove redundant header files (git-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: avoid weird state in error path (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: do not unreserve never reserved chanctx (stable-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP (bsc#1245538).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: dbc: decouple endpoint allocation from initialization (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
Patchnames
SUSE-2025-3633,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-3633
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer-\u003epointer (bsc#1249770).\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).\n- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).\n- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable (bsc#1242960).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38216: iommu/vt-d: Restore context entry setup order for aliased devices (bsc#1245963).\n- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).\n- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).\n- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).\n- CVE-2025-38418: remoteproc: core: Release rproc-\u003eclean_table after rproc_attach() fails (bsc#1247137).\n- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).\n- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).\n- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).\n- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).\n- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).\n- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).\n- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).\n- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).\n- CVE-2025-38628: vdpa/mlx5: Fix release of uninitialized resources on error path (bsc#1248616).\n- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).\n- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).\n- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).\n- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).\n- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).\n- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).\n- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).\n- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).\n- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).\n- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).\n- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).\n- CVE-2025-38684: net/sched: ets: use old \u0027nbands\u0027 while purging unused classes (bsc#1249156).\n- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).\n- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).\n- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).\n- CVE-2025-38710: gfs2: Validate i_depth for exhash directories (bsc#1249201).\n- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).\n- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).\n- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).\n- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).\n- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).\n- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL (bsc#1249290).\n- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).\n- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).\n- CVE-2025-39703: net, hsr: reject HSR frame if skb can\u0027t hold tag (bsc#1249315).\n- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).\n- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).\n- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).\n- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).\n- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).\n- CVE-2025-39749: rcu: Protect -\u003edefer_qs_iw_pending from data race (bsc#1249533).\n- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).\n- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).\n- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).\n- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).\n- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).\n- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).\n- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).\n- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn\u0027t use 0 as SPI (bsc#1249608).\n- CVE-2025-39816: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths (bsc#1249906).\n- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).\n- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).\n- CVE-2025-39830: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (bsc#1249974).\n- CVE-2025-39834: net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow (bsc#1250021).\n- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).\n- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).\n- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).\n- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).\n- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).\n- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).\n- CVE-2025-39922: ixgbe: fix incorrect map used in eee linkmode (bsc#1250722).\n- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).\n\nThe following non-security bugs were fixed:\n\n- 9p/xen: fix init sequence (git-fixes).\n- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).\n- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).\n- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).\n- ACPICA: Fix largest possible resource descriptor index (git-fixes).\n- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).\n- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).\n- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: lx_core: use int type to store negative error codes (git-fixes).\n- ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT (git-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).\n- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).\n- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Convert comma to semicolon (git-fixes).\n- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).\n- ALSA: usb-audio: move mixer_quirks\u0027 min_mute into common quirk (stable-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes).\n- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).\n- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).\n- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).\n- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).\n- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).\n- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).\n- ASoC: qcom: use drvdata instead of component to keep id (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes).\n- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).\n- ASoC: wm8940: Correct PLL rate rounding (git-fixes).\n- ASoC: wm8940: Correct typo in control name (git-fixes).\n- ASoC: wm8974: Correct PLL rate rounding (git-fixes).\n- Add alt-commit to drm v3d patch\n- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).\n- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).\n- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).\n- Bluetooth: ISO: free rx_skb if not consumed (git-fixes).\n- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).\n- Bluetooth: MGMT: Fix possible UAFs (git-fixes).\n- Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).\n- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).\n- Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements (git-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- Bluetooth: qca: fix invalid device address check (git-fixes).\n- Bluetooth: qca: fix wcn3991 device address check (git-fixes).\n- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).\n- CONFIG \u0026 no reference -\u003e OK temporarily, must be resolved eventually\n- Correct typos of References tags in some patches\n- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).\n- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).\n- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).\n- HID: input: report battery status changes immediately (git-fixes).\n- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).\n- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).\n- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).\n- HID: wacom: Add a new Art Pen 2 (stable-fixes).\n- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)\n- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).\n- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).\n- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).\n- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).\n- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).\n- KVM: VMX: Extract checking of guest\u0027s DEBUGCTL into helper (git-fixes).\n- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).\n- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).\n- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).\n- KVM: VMX: Re-enter guest in fastpath for \u0027spurious\u0027 preemption timer exits (git-fixes).\n- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).\n- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).\n- KVM: x86/xen: Allow \u0027out of range\u0027 event channel ports in IRQ routing table (git-fixes).\n- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).\n- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).\n- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).\n- KVM: x86: Plumb \u0027force_immediate_exit\u0027 into kvm_entry() tracepoint (git-fixes).\n- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).\n- Limit patch filenames to 100 characters (bsc#1249604).\n- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).\n- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).\n- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).\n- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).\n- NFSv4: Do not clear capabilities that won\u0027t be reset (git-fixes).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Extend isolated function probing to LoongArch (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes)\n- RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).\n- RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Revert \u0027SUNRPC: Do not allow waiting for exiting tasks\u0027 (git-fixes).\n- Revert \u0027drm/amdgpu: fix incorrect vm flags to map bo\u0027 (stable-fixes).\n- Revert \u0027gpio: mlxbf3: only get IRQ for device instance 0\u0027 (git-fixes).\n- Revert \u0027usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running\u0027 (git-fixes).\n- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).\n- Squashfs: add additional inode sanity checking (git-fixes).\n- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).\n- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).\n- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).\n- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes).\n- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).\n- amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes)\n- arm64: Handle KCOV __init vs inline mismatches (git-fixes)\n- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)\n- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)\n- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)\n- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)\n- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)\n- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)\n- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)\n- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)\n- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).\n- batman-adv: fix OOB read/write in network-coding decode (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf, bpftool: Fix incorrect disasm pc (git-fixes).\n- bpf/selftests: Fix test_tcpnotify_user (poo#189822).\n- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).\n- bpf: Fix iter/task tid filtering (git-fixes).\n- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).\n- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).\n- bpf: Properly test iter/task tid filtering (git-fixes).\n- bpf: bpftool: Setting error code in do_loader() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: handle implicit declaration of function gettid in bpf_iter.c\n- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- bpftool: Fix JSON writer resource leak in version command (git-fixes).\n- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).\n- bpftool: Fix readlink usage in get_fd_type (git-fixes).\n- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).\n- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).\n- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).\n- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).\n- btrfs: add cancellation points to trim loops (git-fixes).\n- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).\n- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).\n- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data overwriting bug during buffered write when block size \u0026lt; page size (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).\n- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).\n- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).\n- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).\n- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).\n- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).\n- btrfs: scrub: fix grouping of read IO (git-fixes).\n- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).\n- btrfs: split remaining space to discard in chunks (git-fixes).\n- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).\n- build_bug.h: Add KABI assert (bsc#1249186).\n- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).\n- bus: mhi: host: Do not use uninitialized \u0027dev\u0027 pointer in mhi_init_irq_setup() (git-fixes).\n- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).\n- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).\n- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).\n- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).\n- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).\n- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).\n- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).\n- ceph: validate snapdirname option length when mounting (git-fixes).\n- cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166).\n- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).\n- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).\n- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).\n- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).\n- cgroup: make css_rstat_updated nmi safe (bsc#1247963).\n- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).\n- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).\n- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).\n- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).\n- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).\n- cpufreq: Exit governor when failed to start old governor (stable-fixes).\n- cpufreq: Init policy-\u003erwsem before it may be possibly used (git-fixes).\n- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).\n- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).\n- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).\n- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).\n- cpufreq: governor: Fix negative \u0027idle_time\u0027 handling in dbs_update() (git-fixes).\n- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).\n- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).\n- cpufreq: scpi: compare kHz instead of Hz (git-fixes).\n- cpufreq: tegra186: Share policy per cluster (stable-fixes).\n- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).\n- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).\n- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).\n- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).\n- crypto: hisilicon - re-enable address prefetch after device resuming (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).\n- crypto: hisilicon/qm - request reserved interrupt for virtual function (git-fixes).\n- crypto: hisilicon/qm - set NULL to qm-\u003edebug.qm_diff_regs (git-fixes).\n- crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations (git-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).\n- crypto: qat - add shutdown handler to qat_c62x (git-fixes).\n- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- devlink: add value check to devlink_info_version_put() (bsc#1245410 jsc#PED-12320).\n- devlink: let driver opt out of automatic phys_port_name generation (git-fixes).\n- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).\n- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).\n- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).\n- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).\n- dmaengine: idxd: Remove improper idxd_free (git-fixes).\n- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).\n- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).\n- docs: admin-guide: update to current minimum pipe size default (git-fixes).\n- drivers/base/node: fix double free in register_one_node() (git-fixes).\n- drivers/base/node: handle error properly in register_one_node() (git-fixes).\n- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).\n- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).\n- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).\n- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).\n- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).\n- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).\n- drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Allow DCN301 to clear update flags (git-fixes).\n- drm/amd/display: Allow RX6xxx \u0026 RX7700 to invoke amdgpu_irq_get/put (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG (stable-fixes).\n- drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes).\n- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).\n- drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Do not print errors for nonexistent connectors (git-fixes).\n- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Fix mismatch type comparison (stable-fixes).\n- drm/amd/display: Fix unnecessary cast warnings from checkpatch (stable-fixes).\n- drm/amd/display: Initialize mode_select to 0 (stable-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Reduce accessing remote DPCD overhead (git-fixes).\n- drm/amd/display: Remove redundant semicolons (git-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes).\n- drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes).\n- drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes).\n- drm/amd/display: use udelay rather than fsleep (git-fixes).\n- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).\n- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).\n- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).\n- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).\n- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).\n- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).\n- drm/amd/pm: fix null pointer access (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu/discovery: fix fw based ip discovery (git-fixes).\n- drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes).\n- drm/amdgpu/mes: add missing locking in helper functions (stable-fixes).\n- drm/amdgpu/swm14: Update power limit logic (stable-fixes).\n- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).\n- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: Fix Circular Locking Dependency in AMDGPU GFX Isolation (git-fixes).\n- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).\n- drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes).\n- drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-fixes).\n- drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes).\n- drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes).\n- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).\n- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).\n- drm/amdgpu: fix incorrect MALL size for GFX1151 (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: fix vram reservation issue (git-fixes).\n- drm/amdgpu: remove the redeclaration of variable i (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).\n- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).\n- drm/ast: Use msleep instead of mdelay for edid read (git-fixes).\n- drm/bridge: fix OF node leak (git-fixes).\n- drm/bridge: it6505: select REGMAP_I2C (git-fixes).\n- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).\n- drm/cirrus-qemu: Fix pitch programming (git-fixes).\n- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).\n- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).\n- drm/edid: Define the quirks in an enum list (bsc#1248121).\n- drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes).\n- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes).\n- drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes).\n- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).\n- drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes).\n- drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes).\n- drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes).\n- drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes).\n- drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes).\n- drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes).\n- drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes).\n- drm/i915/icl+/tc: Cache the max lane count value (stable-fixes).\n- drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-fixes).\n- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).\n- drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes).\n- drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/mediatek: fix potential OF node use-after-free (git-fixes).\n- drm/msm/dp: account for widebus and yuv420 during mode validation (git-fixes).\n- drm/msm/dpu: fix incorrect type for ret (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Add error handling for krealloc in metadata setup (stable-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: update the high bitfield of certain DSI registers (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/nouveau: select FW caching (git-fixes).\n- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).\n- drm/panthor: Defer scheduler entitiy destruction to queue release (git-fixes).\n- drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes).\n- drm/panthor: validate group queue count (git-fixes).\n- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).\n- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).\n- drm/simpledrm: Do not upcast in release helpers (git-fixes).\n- drm/tests: Fix endian warning (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- drm/xe/bmg: Add new PCI IDs (stable-fixes).\n- drm/xe/bmg: Update Wa_22019338487 (git-fixes).\n- drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes).\n- drm/xe/tile: Release kobject for the failure path (git-fixes).\n- drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes).\n- drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes).\n- drm/xe/xe_sync: avoid race during ufence signaling (git-fixes).\n- drm/xe: Allow dropping kunit dependency as built-in (git-fixes).\n- drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes).\n- drm/xe: Carve out wopcm portion from the stolen memory (git-fixes).\n- drm/xe: Do not trigger rebind on initial dma-buf validation (git-fixes).\n- drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes).\n- drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-fixes).\n- drm/xe: Fix and re-enable xe_print_blob_ascii85() (git-fixes).\n- drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes).\n- drm/xe: Move page fault init after topology init (git-fixes).\n- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).\n- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).\n- drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes).\n- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).\n- fbcon: Fix OOB access in font allocation (git-fixes).\n- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).\n- firmware: meson_sm: fix device leak at probe (git-fixes).\n- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).\n- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).\n- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).\n- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).\n- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).\n- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i2c: designware: Add disabling clocks when probe fails (git-fixes).\n- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).\n- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).\n- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).\n- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)\n- i3c: Fix default I2C adapter timeout value (git-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- i3c: master: svc: Recycle unused IBI slot (git-fixes).\n- i3c: master: svc: Use manual response for IBI events (git-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).\n- iio: dac: ad5360: use int type to store negative error codes (git-fixes).\n- iio: dac: ad5421: use int type to store negative error codes (git-fixes).\n- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).\n- iio: frequency: adf4350: Fix prescaler usage (git-fixes).\n- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).\n- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iommu/vt-d: Fix __domain_mapping()\u0027s usage of switch_to_super_page() (git-fixes).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).\n- ixgbe: add .info_get extension specific for E610 devices (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 functions for acquiring flash data (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 functions getting PBA and FW ver info (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 implementation of FW recovery mode (bsc#1245410 jsc#PED-12320).\n- ixgbe: add FW API version check (bsc#1245410 jsc#PED-12320).\n- ixgbe: add device flash update via devlink (bsc#1245410 jsc#PED-12320).\n- ixgbe: add handler for devlink .info_get() (bsc#1245410 jsc#PED-12320).\n- ixgbe: add initial devlink support (bsc#1245410 jsc#PED-12320).\n- ixgbe: add support for FW rollback mode (bsc#1245410 jsc#PED-12320).\n- ixgbe: add support for devlink reload (bsc#1245410 jsc#PED-12320).\n- ixgbe: extend .info_get() with stored versions (bsc#1245410 jsc#PED-12320).\n- ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410).\n- ixgbe: prevent from unwanted interface name changes (git-fixes).\n- ixgbe: read the OROM version information (bsc#1245410 jsc#PED-12320).\n- ixgbe: read the netlist version information (bsc#1245410 jsc#PED-12320).\n- ixgbe: wrap netdev_priv() usage (bsc#1245410 jsc#PED-12320).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).\n- kABI fix for \u0027netfilter: nf_tables: Audit log rule reset\u0027 (git-fixes).\n- kABI workaround for \u0027drm/dp: Add an EDID quirk for the DPCD register access probe\u0027 (bsc#1248121).\n- kABI workaround for RCU tasks exit tracking (bsc#1246298).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kABI: adjust new field on ip_ct_sctp struct (git-fixes).\n- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).\n- kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes).\n- kABI: make nft_trans_gc_catchall() public again (git-fixes).\n- kABI: netfilter flowtable move gc operation to bottom (git-fixes).\n- kabi: Restore layout of parallel_data (bsc1248343).\n- kabi: add struct cgroup_extra (bsc#1247963).\n- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).\n- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).\n- kernel-binary: Another installation ordering fix (bsc#1241353).\n- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- kselftest/runner.sh: add netns support\n- kselftests: Sort the collections list to avoid duplicate tests\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- livepatch: Add \u0027replace\u0027 sysfs attribute (poo#187320).\n- livepatch: Add stack_order sysfs attribute (poo#187320).\n- livepatch: Move tests from lib/livepatch to selftests/livepatch\n- livepatch: Replace snprintf() with sysfs_emit() (poo#187320).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).\n- media: chips-media: wave5: Fix gray color on screen (git-fixes).\n- media: cx18: Add missing check after DMA map (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).\n- media: lirc: Fix error handling in lirc_register() (git-fixes).\n- media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes).\n- media: pci: ivtv: Add missing check after DMA map (git-fixes).\n- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).\n- media: st-delta: avoid excessive stack usage (git-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).\n- media: zoran: Remove zoran_fh structure (git-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).\n- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).\n- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).\n- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).\n- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).\n- mm: move page table sync declarations to linux/pgtable.h (git-fixes).\n- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).\n- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).\n- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).\n- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).\n- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).\n- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).\n- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).\n- net: nfc: nci: Add parameter validation for packet data (git-fixes).\n- net: phy: fix phy_uses_state_machine() (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).\n- net: rose: convert \u0027use\u0027 field to refcount_t (git-fixes).\n- net: rose: fix a typo in rose_clear_routes() (git-fixes).\n- net: rose: include node references in rose_neigh refcount (git-fixes).\n- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- net: usb: cdc-ncm: check for filtering capability (git-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).\n- netfilter: conntrack: fix extension size table (git-fixes).\n- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).\n- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).\n- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).\n- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).\n- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).\n- netfilter: nf_tables: Audit log rule reset (git-fixes).\n- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).\n- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).\n- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).\n- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).\n- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).\n- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).\n- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).\n- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).\n- netfilter: nf_tables: Unbreak audit log reset (git-fixes).\n- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).\n- netfilter: nf_tables: audit log object reset once per table (git-fixes).\n- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).\n- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).\n- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).\n- netfilter: nf_tables: nft_obj_filter fits into cb-\u003ectx (git-fixes).\n- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).\n- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).\n- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).\n- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).\n- netfilter: nft_payload: fix wrong mac header matching (git-fixes).\n- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).\n- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).\n- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).\n- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).\n- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).\n- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).\n- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).\n- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).\n- nvme-auth: do not re-authenticate queues with no prior authentication (bsc#1227555).\n- nvme-pci: try function level reset on init failure (git-fixes).\n- nvme-tcp: remove tag set when second admin queue config fails (git-fixes).\n- nvmet-auth: always free derived key data (git-fixes).\n- nvmet-auth: authenticate on admin queue only (bsc#1227555).\n- nvmet: auth: use NULL to clear a pointer in (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).\n- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).\n- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).\n- phy: ti-pipe3: fix device leak at unbind (git-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).\n- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).\n- pinctrl: renesas: Use int type to store negative error codes (git-fixes).\n- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).\n- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).\n- platform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL (git-fixes).\n- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes).\n- platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (git-fixes).\n- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).\n- platform/x86: think-lmi: Fix class device unregistration (git-fixes).\n- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).\n- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).\n- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).\n- power: supply: max77976_charger: fix constant current reporting (git-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pptp: fix pptp_xmit() error path (git-fixes).\n- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).\n- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).\n- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)\n- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)\n- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Maintain real-time response in (bsc#1246298)\n- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)\n- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)\n- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)\n- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).\n- regulator: scmi: Use int type to store negative error codes (git-fixes).\n- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rpm/config.sh: Udate OBS repositories\n- rpm/config.sh: Update Leap project\n- rpm: Configure KABI checkingness macro (bsc#1249186).\n- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).\n- rpm: Link arch-symbols script from scripts directory.\n- rpm: Link guards script from scripts directory.\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes bsc#1249183).\n- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).\n- s390/debug: Add a reverse mode for debug_dump() (git-fixes jsc#PED-13260).\n- s390/debug: Add debug_dump() to write debug view to a string buffer (git-fixes jsc#PED-13260).\n- s390/debug: Simplify and document debug_next_entry() logic (git-fixes jsc#PED-13260).\n- s390/debug: Split private data alloc/free out of file operations (git-fixes jsc#PED-13260).\n- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).\n- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).\n- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).\n- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).\n- s390/pci: Add pci_msg debug view to PCI report (git-fixes jsc#PED-13260).\n- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).\n- s390/pci: Report PCI error recovery results via SCLP (git-fixes jsc#PED-13260).\n- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).\n- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).\n- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).\n- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- sched/deadline: Collect sched_dl_entity initialization (git-fixes)\n- sched/fair: Remove unused parameter from sched_asym() (git-fixes)\n- sched/fair: Take the scheduling domain into account in (git-fixes)\n- sched/isolation: Fix boot crash when maxcpus \u0026lt; first (git-fixes)\n- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)\n- scsi: Revert \u0027scsi: iscsi: Fix HW conn removal use after free\u0027 (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).\n- selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE\n- selftests/bpf: Add asserts for netfilter link info (git-fixes).\n- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).\n- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).\n- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).\n- selftests/livepatch: Add selftests for \u0027replace\u0027 sysfs attribute\n- selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320).\n- selftests/livepatch: Replace hardcoded module name with variable in\n- selftests/livepatch: define max test-syscall processes\n- selftests/livepatch: fix and refactor new dmesg message code\n- selftests/livepatch: wait for atomic replace to occur\n- selftests/run_kselftest.sh: Fix help string for --per-test-log\n- selftests/run_kselftest.sh: Use readlink if realpath is not available\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: allow runners to override the timeout\n- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).\n- selftests: livepatch: Add initial .gitignore\n- selftests: livepatch: Avoid running the tests if kernel-devel is\n- selftests: livepatch: Test atomic replace against multiple modules\n- selftests: livepatch: Test livepatching a heavily called syscall\n- selftests: livepatch: add new ftrace helpers functions\n- selftests: livepatch: add test cases of stack_order sysfs interface\n- selftests: livepatch: handle PRINTK_CALLER in check_result()\n- selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR\n- selftests: livepatch: save and restore kprobe state\n- selftests: livepatch: test if ftrace can trace a livepatched function\n- selftests: livepatch: test livepatching a kprobed function\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- serial: core: fix OF node leak (git-fixes).\n- serial: max310x: Add error checking in probe() (git-fixes).\n- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).\n- soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- spi: bcm2835: Remove redundant semicolons (git-fixes).\n- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).\n- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).\n- spi: mtk-snfi: Remove redundant semicolons (git-fixes).\n- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).\n- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).\n- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).\n- struct l2cap_chan: shift new member rx_avail to end (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- supported.conf: mark hyperv_drm as external\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- thunderbolt: Compare HMAC values in constant time (git-fixes).\n- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).\n- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).\n- usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-fixes).\n- usb: core: Add 0x prefix to quirks debug output (stable-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).\n- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).\n- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).\n- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).\n- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: fusb302: cache PD RX state (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).\n- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).\n- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).\n- usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-fixes).\n- usb: typec: tipd: Clear interrupts first (git-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- use uniform permission checks for all mount propagation changes (git-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).\n- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).\n- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).\n- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).\n- vhost: fail early when __vhost_add_used() fails (git-fixes).\n- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).\n- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).\n- vsock: Allow retrying on connect() failure (git-fixes).\n- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).\n- vsock: avoid timeout during connect() if the socket is closing (git-fixes).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).\n- wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes).\n- wifi: ath11k: Fix DMA buffer allocation to resolve SWIOTLB issues (stable-fixes).\n- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).\n- wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes).\n- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).\n- wifi: ath11k: fix group data packet drops during rekey (git-fixes).\n- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes).\n- wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes).\n- wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes).\n- wifi: ath12k: fix the fetching of combined rssi (git-fixes).\n- wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).\n- wifi: ath12k: fix wrong logging ID used for CE (git-fixes).\n- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).\n- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).\n- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: Remove redundant header files (git-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).\n- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).\n- wifi: mac80211: avoid weird state in error path (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: do not unreserve never reserved chanctx (stable-fixes).\n- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).\n- wifi: mac80211: fix incorrect type for ret (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).\n- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).\n- wifi: mwifiex: send world regulatory domain to driver (git-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).\n- wifi: virt_wifi: Fix page fault on connect (stable-fixes).\n- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).\n- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).\n- writeback: Avoid contention on wb-\u003elist_lock when switching inodes (bsc#1237776).\n- writeback: Avoid contention on wb-\u003elist_lock when switching inodes (kABI fixup) (bsc#1237776).\n- writeback: Avoid excessively long inode switching times (bsc#1237776).\n- writeback: Avoid softlockup when switching many inodes (bsc#1237776).\n- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).\n- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).\n- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).\n- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).\n- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).\n- x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP (bsc#1245538).\n- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).\n- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).\n- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).\n- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).\n- xen/netfront: Fix TX response spurious interrupts (git-fixes).\n- xen: Add support for XenServer 6.1 platform device (git-fixes).\n- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).\n- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).\n- xfs: rework datasync tracking and execution (bsc#1237449).\n- xhci: Fix control transfer error on Etron xHCI host (git-fixes).\n- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).\n- xhci: dbc: decouple endpoint allocation from initialization (git-fixes).\n- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).\n- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3633,SUSE-SLE-Module-Public-Cloud-15-SP7-2025-3633",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03633-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03633-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503633-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03633-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022926.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1170284",
"url": "https://bugzilla.suse.com/1170284"
},
{
"category": "self",
"summary": "SUSE Bug 1212533",
"url": "https://bugzilla.suse.com/1212533"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1216527",
"url": "https://bugzilla.suse.com/1216527"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1227555",
"url": "https://bugzilla.suse.com/1227555"
},
{
"category": "self",
"summary": "SUSE Bug 1230062",
"url": "https://bugzilla.suse.com/1230062"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1237449",
"url": "https://bugzilla.suse.com/1237449"
},
{
"category": "self",
"summary": "SUSE Bug 1237776",
"url": "https://bugzilla.suse.com/1237776"
},
{
"category": "self",
"summary": "SUSE Bug 1238782",
"url": "https://bugzilla.suse.com/1238782"
},
{
"category": "self",
"summary": "SUSE Bug 1240324",
"url": "https://bugzilla.suse.com/1240324"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241292",
"url": "https://bugzilla.suse.com/1241292"
},
{
"category": "self",
"summary": "SUSE Bug 1241353",
"url": "https://bugzilla.suse.com/1241353"
},
{
"category": "self",
"summary": "SUSE Bug 1241866",
"url": "https://bugzilla.suse.com/1241866"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1243112",
"url": "https://bugzilla.suse.com/1243112"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245410",
"url": "https://bugzilla.suse.com/1245410"
},
{
"category": "self",
"summary": "SUSE Bug 1245538",
"url": "https://bugzilla.suse.com/1245538"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245700",
"url": "https://bugzilla.suse.com/1245700"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245963",
"url": "https://bugzilla.suse.com/1245963"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246057",
"url": "https://bugzilla.suse.com/1246057"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246190",
"url": "https://bugzilla.suse.com/1246190"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1246248",
"url": "https://bugzilla.suse.com/1246248"
},
{
"category": "self",
"summary": "SUSE Bug 1246298",
"url": "https://bugzilla.suse.com/1246298"
},
{
"category": "self",
"summary": "SUSE Bug 1246509",
"url": "https://bugzilla.suse.com/1246509"
},
{
"category": "self",
"summary": "SUSE Bug 1246782",
"url": "https://bugzilla.suse.com/1246782"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247099",
"url": "https://bugzilla.suse.com/1247099"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247126",
"url": "https://bugzilla.suse.com/1247126"
},
{
"category": "self",
"summary": "SUSE Bug 1247136",
"url": "https://bugzilla.suse.com/1247136"
},
{
"category": "self",
"summary": "SUSE Bug 1247137",
"url": "https://bugzilla.suse.com/1247137"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247223",
"url": "https://bugzilla.suse.com/1247223"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247239",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247262",
"url": "https://bugzilla.suse.com/1247262"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247290",
"url": "https://bugzilla.suse.com/1247290"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247442",
"url": "https://bugzilla.suse.com/1247442"
},
{
"category": "self",
"summary": "SUSE Bug 1247483",
"url": "https://bugzilla.suse.com/1247483"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247963",
"url": "https://bugzilla.suse.com/1247963"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248111",
"url": "https://bugzilla.suse.com/1248111"
},
{
"category": "self",
"summary": "SUSE Bug 1248121",
"url": "https://bugzilla.suse.com/1248121"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248175",
"url": "https://bugzilla.suse.com/1248175"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248192",
"url": "https://bugzilla.suse.com/1248192"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248199",
"url": "https://bugzilla.suse.com/1248199"
},
{
"category": "self",
"summary": "SUSE Bug 1248200",
"url": "https://bugzilla.suse.com/1248200"
},
{
"category": "self",
"summary": "SUSE Bug 1248202",
"url": "https://bugzilla.suse.com/1248202"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248225",
"url": "https://bugzilla.suse.com/1248225"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248232",
"url": "https://bugzilla.suse.com/1248232"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248296",
"url": "https://bugzilla.suse.com/1248296"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248334",
"url": "https://bugzilla.suse.com/1248334"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248343",
"url": "https://bugzilla.suse.com/1248343"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248357",
"url": "https://bugzilla.suse.com/1248357"
},
{
"category": "self",
"summary": "SUSE Bug 1248360",
"url": "https://bugzilla.suse.com/1248360"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248365",
"url": "https://bugzilla.suse.com/1248365"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248370",
"url": "https://bugzilla.suse.com/1248370"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248378",
"url": "https://bugzilla.suse.com/1248378"
},
{
"category": "self",
"summary": "SUSE Bug 1248380",
"url": "https://bugzilla.suse.com/1248380"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248392",
"url": "https://bugzilla.suse.com/1248392"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248512",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248610",
"url": "https://bugzilla.suse.com/1248610"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248616",
"url": "https://bugzilla.suse.com/1248616"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248619",
"url": "https://bugzilla.suse.com/1248619"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248622",
"url": "https://bugzilla.suse.com/1248622"
},
{
"category": "self",
"summary": "SUSE Bug 1248626",
"url": "https://bugzilla.suse.com/1248626"
},
{
"category": "self",
"summary": "SUSE Bug 1248628",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "self",
"summary": "SUSE Bug 1248634",
"url": "https://bugzilla.suse.com/1248634"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248639",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248647",
"url": "https://bugzilla.suse.com/1248647"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248674",
"url": "https://bugzilla.suse.com/1248674"
},
{
"category": "self",
"summary": "SUSE Bug 1248681",
"url": "https://bugzilla.suse.com/1248681"
},
{
"category": "self",
"summary": "SUSE Bug 1248733",
"url": "https://bugzilla.suse.com/1248733"
},
{
"category": "self",
"summary": "SUSE Bug 1248734",
"url": "https://bugzilla.suse.com/1248734"
},
{
"category": "self",
"summary": "SUSE Bug 1248735",
"url": "https://bugzilla.suse.com/1248735"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1248775",
"url": "https://bugzilla.suse.com/1248775"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE Bug 1249122",
"url": "https://bugzilla.suse.com/1249122"
},
{
"category": "self",
"summary": "SUSE Bug 1249123",
"url": "https://bugzilla.suse.com/1249123"
},
{
"category": "self",
"summary": "SUSE Bug 1249124",
"url": "https://bugzilla.suse.com/1249124"
},
{
"category": "self",
"summary": "SUSE Bug 1249125",
"url": "https://bugzilla.suse.com/1249125"
},
{
"category": "self",
"summary": "SUSE Bug 1249126",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "self",
"summary": "SUSE Bug 1249143",
"url": "https://bugzilla.suse.com/1249143"
},
{
"category": "self",
"summary": "SUSE Bug 1249156",
"url": "https://bugzilla.suse.com/1249156"
},
{
"category": "self",
"summary": "SUSE Bug 1249163",
"url": "https://bugzilla.suse.com/1249163"
},
{
"category": "self",
"summary": "SUSE Bug 1249172",
"url": "https://bugzilla.suse.com/1249172"
},
{
"category": "self",
"summary": "SUSE Bug 1249176",
"url": "https://bugzilla.suse.com/1249176"
},
{
"category": "self",
"summary": "SUSE Bug 1249183",
"url": "https://bugzilla.suse.com/1249183"
},
{
"category": "self",
"summary": "SUSE Bug 1249186",
"url": "https://bugzilla.suse.com/1249186"
},
{
"category": "self",
"summary": "SUSE Bug 1249193",
"url": "https://bugzilla.suse.com/1249193"
},
{
"category": "self",
"summary": "SUSE Bug 1249201",
"url": "https://bugzilla.suse.com/1249201"
},
{
"category": "self",
"summary": "SUSE Bug 1249202",
"url": "https://bugzilla.suse.com/1249202"
},
{
"category": "self",
"summary": "SUSE Bug 1249206",
"url": "https://bugzilla.suse.com/1249206"
},
{
"category": "self",
"summary": "SUSE Bug 1249258",
"url": "https://bugzilla.suse.com/1249258"
},
{
"category": "self",
"summary": "SUSE Bug 1249262",
"url": "https://bugzilla.suse.com/1249262"
},
{
"category": "self",
"summary": "SUSE Bug 1249274",
"url": "https://bugzilla.suse.com/1249274"
},
{
"category": "self",
"summary": "SUSE Bug 1249284",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "self",
"summary": "SUSE Bug 1249290",
"url": "https://bugzilla.suse.com/1249290"
},
{
"category": "self",
"summary": "SUSE Bug 1249295",
"url": "https://bugzilla.suse.com/1249295"
},
{
"category": "self",
"summary": "SUSE Bug 1249300",
"url": "https://bugzilla.suse.com/1249300"
},
{
"category": "self",
"summary": "SUSE Bug 1249303",
"url": "https://bugzilla.suse.com/1249303"
},
{
"category": "self",
"summary": "SUSE Bug 1249305",
"url": "https://bugzilla.suse.com/1249305"
},
{
"category": "self",
"summary": "SUSE Bug 1249306",
"url": "https://bugzilla.suse.com/1249306"
},
{
"category": "self",
"summary": "SUSE Bug 1249315",
"url": "https://bugzilla.suse.com/1249315"
},
{
"category": "self",
"summary": "SUSE Bug 1249333",
"url": "https://bugzilla.suse.com/1249333"
},
{
"category": "self",
"summary": "SUSE Bug 1249334",
"url": "https://bugzilla.suse.com/1249334"
},
{
"category": "self",
"summary": "SUSE Bug 1249346",
"url": "https://bugzilla.suse.com/1249346"
},
{
"category": "self",
"summary": "SUSE Bug 1249374",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "self",
"summary": "SUSE Bug 1249481",
"url": "https://bugzilla.suse.com/1249481"
},
{
"category": "self",
"summary": "SUSE Bug 1249482",
"url": "https://bugzilla.suse.com/1249482"
},
{
"category": "self",
"summary": "SUSE Bug 1249488",
"url": "https://bugzilla.suse.com/1249488"
},
{
"category": "self",
"summary": "SUSE Bug 1249494",
"url": "https://bugzilla.suse.com/1249494"
},
{
"category": "self",
"summary": "SUSE Bug 1249504",
"url": "https://bugzilla.suse.com/1249504"
},
{
"category": "self",
"summary": "SUSE Bug 1249508",
"url": "https://bugzilla.suse.com/1249508"
},
{
"category": "self",
"summary": "SUSE Bug 1249510",
"url": "https://bugzilla.suse.com/1249510"
},
{
"category": "self",
"summary": "SUSE Bug 1249513",
"url": "https://bugzilla.suse.com/1249513"
},
{
"category": "self",
"summary": "SUSE Bug 1249516",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "self",
"summary": "SUSE Bug 1249524",
"url": "https://bugzilla.suse.com/1249524"
},
{
"category": "self",
"summary": "SUSE Bug 1249526",
"url": "https://bugzilla.suse.com/1249526"
},
{
"category": "self",
"summary": "SUSE Bug 1249533",
"url": "https://bugzilla.suse.com/1249533"
},
{
"category": "self",
"summary": "SUSE Bug 1249540",
"url": "https://bugzilla.suse.com/1249540"
},
{
"category": "self",
"summary": "SUSE Bug 1249545",
"url": "https://bugzilla.suse.com/1249545"
},
{
"category": "self",
"summary": "SUSE Bug 1249566",
"url": "https://bugzilla.suse.com/1249566"
},
{
"category": "self",
"summary": "SUSE Bug 1249604",
"url": "https://bugzilla.suse.com/1249604"
},
{
"category": "self",
"summary": "SUSE Bug 1249608",
"url": "https://bugzilla.suse.com/1249608"
},
{
"category": "self",
"summary": "SUSE Bug 1249770",
"url": "https://bugzilla.suse.com/1249770"
},
{
"category": "self",
"summary": "SUSE Bug 1249887",
"url": "https://bugzilla.suse.com/1249887"
},
{
"category": "self",
"summary": "SUSE Bug 1249906",
"url": "https://bugzilla.suse.com/1249906"
},
{
"category": "self",
"summary": "SUSE Bug 1249915",
"url": "https://bugzilla.suse.com/1249915"
},
{
"category": "self",
"summary": "SUSE Bug 1249974",
"url": "https://bugzilla.suse.com/1249974"
},
{
"category": "self",
"summary": "SUSE Bug 1250002",
"url": "https://bugzilla.suse.com/1250002"
},
{
"category": "self",
"summary": "SUSE Bug 1250021",
"url": "https://bugzilla.suse.com/1250021"
},
{
"category": "self",
"summary": "SUSE Bug 1250025",
"url": "https://bugzilla.suse.com/1250025"
},
{
"category": "self",
"summary": "SUSE Bug 1250057",
"url": "https://bugzilla.suse.com/1250057"
},
{
"category": "self",
"summary": "SUSE Bug 1250179",
"url": "https://bugzilla.suse.com/1250179"
},
{
"category": "self",
"summary": "SUSE Bug 1250251",
"url": "https://bugzilla.suse.com/1250251"
},
{
"category": "self",
"summary": "SUSE Bug 1250267",
"url": "https://bugzilla.suse.com/1250267"
},
{
"category": "self",
"summary": "SUSE Bug 1250294",
"url": "https://bugzilla.suse.com/1250294"
},
{
"category": "self",
"summary": "SUSE Bug 1250334",
"url": "https://bugzilla.suse.com/1250334"
},
{
"category": "self",
"summary": "SUSE Bug 1250336",
"url": "https://bugzilla.suse.com/1250336"
},
{
"category": "self",
"summary": "SUSE Bug 1250344",
"url": "https://bugzilla.suse.com/1250344"
},
{
"category": "self",
"summary": "SUSE Bug 1250365",
"url": "https://bugzilla.suse.com/1250365"
},
{
"category": "self",
"summary": "SUSE Bug 1250407",
"url": "https://bugzilla.suse.com/1250407"
},
{
"category": "self",
"summary": "SUSE Bug 1250522",
"url": "https://bugzilla.suse.com/1250522"
},
{
"category": "self",
"summary": "SUSE Bug 1250530",
"url": "https://bugzilla.suse.com/1250530"
},
{
"category": "self",
"summary": "SUSE Bug 1250574",
"url": "https://bugzilla.suse.com/1250574"
},
{
"category": "self",
"summary": "SUSE Bug 1250655",
"url": "https://bugzilla.suse.com/1250655"
},
{
"category": "self",
"summary": "SUSE Bug 1250722",
"url": "https://bugzilla.suse.com/1250722"
},
{
"category": "self",
"summary": "SUSE Bug 1250952",
"url": "https://bugzilla.suse.com/1250952"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53261 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5633 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58090 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38216 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38234 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38255 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38351 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38402 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38408 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38418 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38419 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38440 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38456 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38466 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38488 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38511 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38514 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38521 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38526 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38527 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38533 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38556 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38574 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38584 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38590 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38593 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38595 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38614 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38622 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38623 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38628 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38643 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38645 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38660 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38664 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38676 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38679 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38709 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38710 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38721 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38722 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38730 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39677 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39677/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39691 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39695 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39707 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39746 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39807 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39811 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40300 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40300/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-10-17T14:32:41Z",
"generator": {
"date": "2025-10-17T14:32:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03633-1",
"initial_release_date": "2025-10-17T14:32:41Z",
"revision_history": [
{
"date": "2025-10-17T14:32:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150700.20.15.2.aarch64",
"product_id": "kernel-azure-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150700.20.15.2.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150700.20.15.2.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150700.20.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150700.20.15.2.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150700.20.15.2.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150700.20.15.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"product_id": "kernel-devel-azure-6.4.0-150700.20.15.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"product_id": "kernel-source-azure-6.4.0-150700.20.15.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150700.20.15.2.x86_64",
"product_id": "kernel-azure-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150700.20.15.2.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150700.20.15.2.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150700.20.15.2.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150700.20.15.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150700.20.15.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150700.20.15.2.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150700.20.15.2.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150700.20.15.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150700.20.15.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150700.20.15.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150700.20.15.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150700.20.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150700.20.15.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150700.20.15.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150700.20.15.2.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150700.20.15.2.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150700.20.15.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150700.20.15.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150700.20.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2023-53261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: Fix memory leak in acpi_buffer-\u003epointer\n\nThere are memory leaks reported by kmemleak:\n...\nunreferenced object 0xffff00213c141000 (size 1024):\n comm \"systemd-udevd\", pid 2123, jiffies 4294909467 (age 6062.160s)\n hex dump (first 32 bytes):\n 04 00 00 00 02 00 00 00 18 10 14 3c 21 00 ff ff ...........\u003c!...\n 00 00 00 00 00 00 00 00 03 00 00 00 10 00 00 00 ................\n backtrace:\n [\u003c000000004b7c9001\u003e] __kmem_cache_alloc_node+0x2f8/0x348\n [\u003c00000000b0fc7ceb\u003e] __kmalloc+0x58/0x108\n [\u003c0000000064ff4695\u003e] acpi_os_allocate+0x2c/0x68\n [\u003c000000007d57d116\u003e] acpi_ut_initialize_buffer+0x54/0xe0\n [\u003c0000000024583908\u003e] acpi_evaluate_object+0x388/0x438\n [\u003c0000000017b2e72b\u003e] acpi_evaluate_object_typed+0xe8/0x240\n [\u003c000000005df0eac2\u003e] coresight_get_platform_data+0x1b4/0x988 [coresight]\n...\n\nThe ACPI buffer memory (buf.pointer) should be freed. But the buffer\nis also used after returning from acpi_get_dsd_graph().\nMove the temporary variables buf to acpi_coresight_parse_graph(),\nand free it before the function return to prevent memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53261",
"url": "https://www.suse.com/security/cve/CVE-2023-53261"
},
{
"category": "external",
"summary": "SUSE Bug 1249770 for CVE-2023-53261",
"url": "https://bugzilla.suse.com/1249770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "low"
}
],
"title": "CVE-2023-53261"
},
{
"cve": "CVE-2023-5633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5633"
}
],
"notes": [
{
"category": "general",
"text": "The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5633",
"url": "https://www.suse.com/security/cve/CVE-2023-5633"
},
{
"category": "external",
"summary": "SUSE Bug 1216527 for CVE-2023-5633",
"url": "https://bugzilla.suse.com/1216527"
},
{
"category": "external",
"summary": "SUSE Bug 1216645 for CVE-2023-5633",
"url": "https://bugzilla.suse.com/1216645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2023-5633"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-58090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Prevent rescheduling when interrupts are disabled\n\nDavid reported a warning observed while loop testing kexec jump:\n\n Interrupts enabled after irqrouter_resume+0x0/0x50\n WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscore_resume+0x18a/0x220\n kernel_kexec+0xf6/0x180\n __do_sys_reboot+0x206/0x250\n do_syscall_64+0x95/0x180\n\nThe corresponding interrupt flag trace:\n\n hardirqs last enabled at (15573): [\u003cffffffffa8281b8e\u003e] __up_console_sem+0x7e/0x90\n hardirqs last disabled at (15580): [\u003cffffffffa8281b73\u003e] __up_console_sem+0x63/0x90\n\nThat means __up_console_sem() was invoked with interrupts enabled. Further\ninstrumentation revealed that in the interrupt disabled section of kexec\njump one of the syscore_suspend() callbacks woke up a task, which set the\nNEED_RESCHED flag. A later callback in the resume path invoked\ncond_resched() which in turn led to the invocation of the scheduler:\n\n __cond_resched+0x21/0x60\n down_timeout+0x18/0x60\n acpi_os_wait_semaphore+0x4c/0x80\n acpi_ut_acquire_mutex+0x3d/0x100\n acpi_ns_get_node+0x27/0x60\n acpi_ns_evaluate+0x1cb/0x2d0\n acpi_rs_set_srs_method_data+0x156/0x190\n acpi_pci_link_set+0x11c/0x290\n irqrouter_resume+0x54/0x60\n syscore_resume+0x6a/0x200\n kernel_kexec+0x145/0x1c0\n __do_sys_reboot+0xeb/0x240\n do_syscall_64+0x95/0x180\n\nThis is a long standing problem, which probably got more visible with\nthe recent printk changes. Something does a task wakeup and the\nscheduler sets the NEED_RESCHED flag. cond_resched() sees it set and\ninvokes schedule() from a completely bogus context. The scheduler\nenables interrupts after context switching, which causes the above\nwarning at the end.\n\nQuite some of the code paths in syscore_suspend()/resume() can result in\ntriggering a wakeup with the exactly same consequences. They might not\nhave done so yet, but as they share a lot of code with normal operations\nit\u0027s just a question of time.\n\nThe problem only affects the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling\nmodels. Full preemption is not affected as cond_resched() is disabled and\nthe preemption check preemptible() takes the interrupt disabled flag into\naccount.\n\nCure the problem by adding a corresponding check into cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58090",
"url": "https://www.suse.com/security/cve/CVE-2024-58090"
},
{
"category": "external",
"summary": "SUSE Bug 1240324 for CVE-2024-58090",
"url": "https://bugzilla.suse.com/1240324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2024-58090"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-22022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Apply the link chain quirk on NEC isoc endpoints\n\nTwo clearly different specimens of NEC uPD720200 (one with start/stop\nbug, one without) were seen to cause IOMMU faults after some Missed\nService Errors. Faulting address is immediately after a transfer ring\nsegment and patched dynamic debug messages revealed that the MSE was\nreceived when waiting for a TD near the end of that segment:\n\n[ 1.041954] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ffa08fe0\n[ 1.042120] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09000 flags=0x0000]\n[ 1.042146] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09040 flags=0x0000]\n\nIt gets even funnier if the next page is a ring segment accessible to\nthe HC. Below, it reports MSE in segment at ff1e8000, plows through a\nzero-filled page at ff1e9000 and starts reporting events for TRBs in\npage at ff1ea000 every microframe, instead of jumping to seg ff1e6000.\n\n[ 7.041671] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.041999] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.042011] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042028] xhci_hcd: All TDs skipped for slot 1 ep 2. Clear skip flag.\n[ 7.042134] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042138] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042144] xhci_hcd: Looking for event-dma 00000000ff1ea040 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.042259] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042262] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042266] xhci_hcd: Looking for event-dma 00000000ff1ea050 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n\nAt some point completion events change from Isoch Buffer Overrun to\nShort Packet and the HC finally finds cycle bit mismatch in ff1ec000.\n\n[ 7.098130] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098132] xhci_hcd: Looking for event-dma 00000000ff1ecc50 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098254] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098256] xhci_hcd: Looking for event-dma 00000000ff1ecc60 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098379] xhci_hcd: Overrun event on slot 1 ep 2\n\nIt\u0027s possible that data from the isochronous device were written to\nrandom buffers of pending TDs on other endpoints (either IN or OUT),\nother devices or even other HCs in the same IOMMU domain.\n\nLastly, an error from a different USB device on another HC. Was it\ncaused by the above? I don\u0027t know, but it may have been. The disk\nwas working without any other issues and generated PCIe traffic to\nstarve the NEC of upstream BW and trigger those MSEs. The two HCs\nshared one x1 slot by means of a commercial \"PCIe splitter\" board.\n\n[ 7.162604] usb 10-2: reset SuperSpeed USB device number 3 using xhci_hcd\n[ 7.178990] sd 9:0:0:0: [sdb] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x07 driverbyte=DRIVER_OK cmd_age=0s\n[ 7.179001] sd 9:0:0:0: [sdb] tag#0 CDB: opcode=0x28 28 00 04 02 ae 00 00 02 00 00\n[ 7.179004] I/O error, dev sdb, sector 67284480 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0\n\nFortunately, it appears that this ridiculous bug is avoided by setting\nthe chain bit of Link TRBs on isochronous rings. Other ancient HCs are\nknown which also expect the bit to be set and they ignore Link TRBs if\nit\u0027s not. Reportedly, 0.95 spec guaranteed that the bit is set.\n\nThe bandwidth-starved NEC HC running a 32KB/uframe UVC endpoint reports\ntens of MSEs per second and runs into the bug within seconds. Chaining\nLink TRBs allows the same workload to run for many minutes, many times.\n\nNo ne\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22022",
"url": "https://www.suse.com/security/cve/CVE-2025-22022"
},
{
"category": "external",
"summary": "SUSE Bug 1241292 for CVE-2025-22022",
"url": "https://bugzilla.suse.com/1241292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-22022"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: ufs: Fix a hang in the error handler\n\nufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter\nfunction can only succeed if UFSHCD_EH_IN_PROGRESS is not set because\nresuming involves submitting a SCSI command and ufshcd_queuecommand()\nreturns SCSI_MLQUEUE_HOST_BUSY if UFSHCD_EH_IN_PROGRESS is set. Fix this\nhang by setting UFSHCD_EH_IN_PROGRESS after ufshcd_rpm_get_sync() has\nbeen called instead of before.\n\nBacktrace:\n__switch_to+0x174/0x338\n__schedule+0x600/0x9e4\nschedule+0x7c/0xe8\nschedule_timeout+0xa4/0x1c8\nio_schedule_timeout+0x48/0x70\nwait_for_common_io+0xa8/0x160 //waiting on START_STOP\nwait_for_completion_io_timeout+0x10/0x20\nblk_execute_rq+0xe4/0x1e4\nscsi_execute_cmd+0x108/0x244\nufshcd_set_dev_pwr_mode+0xe8/0x250\n__ufshcd_wl_resume+0x94/0x354\nufshcd_wl_runtime_resume+0x3c/0x174\nscsi_runtime_resume+0x64/0xa4\nrpm_resume+0x15c/0xa1c\n__pm_runtime_resume+0x4c/0x90 // Runtime resume ongoing\nufshcd_err_handler+0x1a0/0xd08\nprocess_one_work+0x174/0x808\nworker_thread+0x15c/0x490\nkthread+0xf4/0x1ec\nret_from_fork+0x10/0x20\n\n[ bvanassche: rewrote patch description ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38119",
"url": "https://www.suse.com/security/cve/CVE-2025-38119"
},
{
"category": "external",
"summary": "SUSE Bug 1245700 for CVE-2025-38119",
"url": "https://bugzilla.suse.com/1245700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38119"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Restore context entry setup order for aliased devices\n\nCommit 2031c469f816 (\"iommu/vt-d: Add support for static identity domain\")\nchanged the context entry setup during domain attachment from a\nset-and-check policy to a clear-and-reset approach. This inadvertently\nintroduced a regression affecting PCI aliased devices behind PCIe-to-PCI\nbridges.\n\nSpecifically, keyboard and touchpad stopped working on several Apple\nMacbooks with below messages:\n\n kernel: platform pxa2xx-spi.3: Adding to iommu group 20\n kernel: input: Apple SPI Keyboard as\n /devices/pci0000:00/0000:00:1e.3/pxa2xx-spi.3/spi_master/spi2/spi-APP000D:00/input/input0\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr\n 0xffffa000 [fault reason 0x06] PTE Read access is not set\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr\n 0xffffa000 [fault reason 0x06] PTE Read access is not set\n kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr\n 0xffffa000 [fault reason 0x06] PTE Read access is not set\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00\n\nFix this by restoring the previous context setup order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38216",
"url": "https://www.suse.com/security/cve/CVE-2025-38216"
},
{
"category": "external",
"summary": "SUSE Bug 1245963 for CVE-2025-38216",
"url": "https://bugzilla.suse.com/1245963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38216"
},
{
"cve": "CVE-2025-38234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/rt: Fix race in push_rt_task\n\nOverview\n========\nWhen a CPU chooses to call push_rt_task and picks a task to push to\nanother CPU\u0027s runqueue then it will call find_lock_lowest_rq method\nwhich would take a double lock on both CPUs\u0027 runqueues. If one of the\nlocks aren\u0027t readily available, it may lead to dropping the current\nrunqueue lock and reacquiring both the locks at once. During this window\nit is possible that the task is already migrated and is running on some\nother CPU. These cases are already handled. However, if the task is\nmigrated and has already been executed and another CPU is now trying to\nwake it up (ttwu) such that it is queued again on the runqeue\n(on_rq is 1) and also if the task was run by the same CPU, then the\ncurrent checks will pass even though the task was migrated out and is no\nlonger in the pushable tasks list.\n\nCrashes\n=======\nThis bug resulted in quite a few flavors of crashes triggering kernel\npanics with various crash signatures such as assert failures, page\nfaults, null pointer dereferences, and queue corruption errors all\ncoming from scheduler itself.\n\nSome of the crashes:\n-\u003e kernel BUG at kernel/sched/rt.c:1616! BUG_ON(idx \u003e= MAX_RT_PRIO)\n Call Trace:\n ? __die_body+0x1a/0x60\n ? die+0x2a/0x50\n ? do_trap+0x85/0x100\n ? pick_next_task_rt+0x6e/0x1d0\n ? do_error_trap+0x64/0xa0\n ? pick_next_task_rt+0x6e/0x1d0\n ? exc_invalid_op+0x4c/0x60\n ? pick_next_task_rt+0x6e/0x1d0\n ? asm_exc_invalid_op+0x12/0x20\n ? pick_next_task_rt+0x6e/0x1d0\n __schedule+0x5cb/0x790\n ? update_ts_time_stats+0x55/0x70\n schedule_idle+0x1e/0x40\n do_idle+0x15e/0x200\n cpu_startup_entry+0x19/0x20\n start_secondary+0x117/0x160\n secondary_startup_64_no_verify+0xb0/0xbb\n\n-\u003e BUG: kernel NULL pointer dereference, address: 00000000000000c0\n Call Trace:\n ? __die_body+0x1a/0x60\n ? no_context+0x183/0x350\n ? __warn+0x8a/0xe0\n ? exc_page_fault+0x3d6/0x520\n ? asm_exc_page_fault+0x1e/0x30\n ? pick_next_task_rt+0xb5/0x1d0\n ? pick_next_task_rt+0x8c/0x1d0\n __schedule+0x583/0x7e0\n ? update_ts_time_stats+0x55/0x70\n schedule_idle+0x1e/0x40\n do_idle+0x15e/0x200\n cpu_startup_entry+0x19/0x20\n start_secondary+0x117/0x160\n secondary_startup_64_no_verify+0xb0/0xbb\n\n-\u003e BUG: unable to handle page fault for address: ffff9464daea5900\n kernel BUG at kernel/sched/rt.c:1861! BUG_ON(rq-\u003ecpu != task_cpu(p))\n\n-\u003e kernel BUG at kernel/sched/rt.c:1055! BUG_ON(!rq-\u003enr_running)\n Call Trace:\n ? __die_body+0x1a/0x60\n ? die+0x2a/0x50\n ? do_trap+0x85/0x100\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? do_error_trap+0x64/0xa0\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? exc_invalid_op+0x4c/0x60\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? asm_exc_invalid_op+0x12/0x20\n ? dequeue_top_rt_rq+0xa2/0xb0\n dequeue_rt_entity+0x1f/0x70\n dequeue_task_rt+0x2d/0x70\n __schedule+0x1a8/0x7e0\n ? blk_finish_plug+0x25/0x40\n schedule+0x3c/0xb0\n futex_wait_queue_me+0xb6/0x120\n futex_wait+0xd9/0x240\n do_futex+0x344/0xa90\n ? get_mm_exe_file+0x30/0x60\n ? audit_exe_compare+0x58/0x70\n ? audit_filter_rules.constprop.26+0x65e/0x1220\n __x64_sys_futex+0x148/0x1f0\n do_syscall_64+0x30/0x80\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\n\n-\u003e BUG: unable to handle page fault for address: ffff8cf3608bc2c0\n Call Trace:\n ? __die_body+0x1a/0x60\n ? no_context+0x183/0x350\n ? spurious_kernel_fault+0x171/0x1c0\n ? exc_page_fault+0x3b6/0x520\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? asm_exc_page_fault+0x1e/0x30\n ? _cond_resched+0x15/0x30\n ? futex_wait_queue_me+0xc8/0x120\n ? futex_wait+0xd9/0x240\n ? try_to_wake_up+0x1b8/0x490\n ? futex_wake+0x78/0x160\n ? do_futex+0xcd/0xa90\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? plist_del+0x6a/0xd0\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? dequeue_pushable_task+0x20/0x70\n ? __schedule+0x382/0x7e0\n ? asm_sysvec_reschedule_i\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38234",
"url": "https://www.suse.com/security/cve/CVE-2025-38234"
},
{
"category": "external",
"summary": "SUSE Bug 1246057 for CVE-2025-38234",
"url": "https://bugzilla.suse.com/1246057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38234"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38255"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/group_cpus: fix NULL pointer dereference from group_cpus_evenly()\n\nWhile testing null_blk with configfs, echo 0 \u003e poll_queues will trigger\nfollowing panic:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 27 UID: 0 PID: 920 Comm: bash Not tainted 6.15.0-02023-gadbdb95c8696-dirty #1238 PREEMPT(undef)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014\nRIP: 0010:__bitmap_or+0x48/0x70\nCall Trace:\n \u003cTASK\u003e\n __group_cpus_evenly+0x822/0x8c0\n group_cpus_evenly+0x2d9/0x490\n blk_mq_map_queues+0x1e/0x110\n null_map_queues+0xc9/0x170 [null_blk]\n blk_mq_update_queue_map+0xdb/0x160\n blk_mq_update_nr_hw_queues+0x22b/0x560\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_poll_queues_store+0xa4/0x130 [null_blk]\n configfs_write_iter+0x109/0x1d0\n vfs_write+0x26e/0x6f0\n ksys_write+0x79/0x180\n __x64_sys_write+0x1d/0x30\n x64_sys_call+0x45c4/0x45f0\n do_syscall_64+0xa5/0x240\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nRoot cause is that numgrps is set to 0, and ZERO_SIZE_PTR is returned from\nkcalloc(), and later ZERO_SIZE_PTR will be deferenced.\n\nFix the problem by checking numgrps first in group_cpus_evenly(), and\nreturn NULL directly if numgrps is zero.\n\n[yukuai3@huawei.com: also fix the non-SMP version]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38255",
"url": "https://www.suse.com/security/cve/CVE-2025-38255"
},
{
"category": "external",
"summary": "SUSE Bug 1246190 for CVE-2025-38255",
"url": "https://bugzilla.suse.com/1246190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38255"
},
{
"cve": "CVE-2025-38263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38263"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix NULL pointer in cache_set_flush()\n\n1. LINE#1794 - LINE#1887 is some codes about function of\n bch_cache_set_alloc().\n2. LINE#2078 - LINE#2142 is some codes about function of\n register_cache_set().\n3. register_cache_set() will call bch_cache_set_alloc() in LINE#2098.\n\n 1794 struct cache_set *bch_cache_set_alloc(struct cache_sb *sb)\n 1795 {\n ...\n 1860 if (!(c-\u003edevices = kcalloc(c-\u003enr_uuids, sizeof(void *), GFP_KERNEL)) ||\n 1861 mempool_init_slab_pool(\u0026c-\u003esearch, 32, bch_search_cache) ||\n 1862 mempool_init_kmalloc_pool(\u0026c-\u003ebio_meta, 2,\n 1863 sizeof(struct bbio) + sizeof(struct bio_vec) *\n 1864 bucket_pages(c)) ||\n 1865 mempool_init_kmalloc_pool(\u0026c-\u003efill_iter, 1, iter_size) ||\n 1866 bioset_init(\u0026c-\u003ebio_split, 4, offsetof(struct bbio, bio),\n 1867 BIOSET_NEED_BVECS|BIOSET_NEED_RESCUER) ||\n 1868 !(c-\u003euuids = alloc_bucket_pages(GFP_KERNEL, c)) ||\n 1869 !(c-\u003emoving_gc_wq = alloc_workqueue(\"bcache_gc\",\n 1870 WQ_MEM_RECLAIM, 0)) ||\n 1871 bch_journal_alloc(c) ||\n 1872 bch_btree_cache_alloc(c) ||\n 1873 bch_open_buckets_alloc(c) ||\n 1874 bch_bset_sort_state_init(\u0026c-\u003esort, ilog2(c-\u003ebtree_pages)))\n 1875 goto err;\n ^^^^^^^^\n 1876\n ...\n 1883 return c;\n 1884 err:\n 1885 bch_cache_set_unregister(c);\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n 1886 return NULL;\n 1887 }\n ...\n 2078 static const char *register_cache_set(struct cache *ca)\n 2079 {\n ...\n 2098 c = bch_cache_set_alloc(\u0026ca-\u003esb);\n 2099 if (!c)\n 2100 return err;\n ^^^^^^^^^^\n ...\n 2128 ca-\u003eset = c;\n 2129 ca-\u003eset-\u003ecache[ca-\u003esb.nr_this_dev] = ca;\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n ...\n 2138 return NULL;\n 2139 err:\n 2140 bch_cache_set_unregister(c);\n 2141 return err;\n 2142 }\n\n(1) If LINE#1860 - LINE#1874 is true, then do \u0027goto err\u0027(LINE#1875) and\n call bch_cache_set_unregister()(LINE#1885).\n(2) As (1) return NULL(LINE#1886), LINE#2098 - LINE#2100 would return.\n(3) As (2) has returned, LINE#2128 - LINE#2129 would do *not* give the\n value to c-\u003ecache[], it means that c-\u003ecache[] is NULL.\n\nLINE#1624 - LINE#1665 is some codes about function of cache_set_flush().\nAs (1), in LINE#1885 call\nbch_cache_set_unregister()\n---\u003e bch_cache_set_stop()\n ---\u003e closure_queue()\n -.-\u003e cache_set_flush() (as below LINE#1624)\n\n 1624 static void cache_set_flush(struct closure *cl)\n 1625 {\n ...\n 1654 for_each_cache(ca, c, i)\n 1655 if (ca-\u003ealloc_thread)\n ^^\n 1656 kthread_stop(ca-\u003ealloc_thread);\n ...\n 1665 }\n\n(4) In LINE#1655 ca is NULL(see (3)) in cache_set_flush() then the\n kernel crash occurred as below:\n[ 846.712887] bcache: register_cache() error drbd6: cannot allocate memory\n[ 846.713242] bcache: register_bcache() error : failed to register device\n[ 846.713336] bcache: cache_set_free() Cache set 2f84bdc1-498a-4f2f-98a7-01946bf54287 unregistered\n[ 846.713768] BUG: unable to handle kernel NULL pointer dereference at 00000000000009f8\n[ 846.714790] PGD 0 P4D 0\n[ 846.715129] Oops: 0000 [#1] SMP PTI\n[ 846.715472] CPU: 19 PID: 5057 Comm: kworker/19:16 Kdump: loaded Tainted: G OE --------- - - 4.18.0-147.5.1.el8_1.5es.3.x86_64 #1\n[ 846.716082] Hardware name: ESPAN GI-25212/X11DPL-i, BIOS 2.1 06/15/2018\n[ 846.716451] Workqueue: events cache_set_flush [bcache]\n[ 846.716808] RIP: 0010:cache_set_flush+0xc9/0x1b0 [bcache]\n[ 846.717155] Code: 00 4c 89 a5 b0 03 00 00 48 8b 85 68 f6 ff ff a8 08 0f 84 88 00 00 00 31 db 66 83 bd 3c f7 ff ff 00 48 8b 85 48 ff ff ff 74 28 \u003c48\u003e 8b b8 f8 09 00 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38263",
"url": "https://www.suse.com/security/cve/CVE-2025-38263"
},
{
"category": "external",
"summary": "SUSE Bug 1246248 for CVE-2025-38263",
"url": "https://bugzilla.suse.com/1246248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38263"
},
{
"cve": "CVE-2025-38351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38351"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush\n\nIn KVM guests with Hyper-V hypercalls enabled, the hypercalls\nHVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX\nallow a guest to request invalidation of portions of a virtual TLB.\nFor this, the hypercall parameter includes a list of GVAs that are supposed\nto be invalidated.\n\nHowever, when non-canonical GVAs are passed, there is currently no\nfiltering in place and they are eventually passed to checked invocations of\nINVVPID on Intel / INVLPGA on AMD. While AMD\u0027s INVLPGA silently ignores\nnon-canonical addresses (effectively a no-op), Intel\u0027s INVVPID explicitly\nsignals VM-Fail and ultimately triggers the WARN_ONCE in invvpid_error():\n\n invvpid failed: ext=0x0 vpid=1 gva=0xaaaaaaaaaaaaa000\n WARNING: CPU: 6 PID: 326 at arch/x86/kvm/vmx/vmx.c:482\n invvpid_error+0x91/0xa0 [kvm_intel]\n Modules linked in: kvm_intel kvm 9pnet_virtio irqbypass fuse\n CPU: 6 UID: 0 PID: 326 Comm: kvm-vm Not tainted 6.15.0 #14 PREEMPT(voluntary)\n RIP: 0010:invvpid_error+0x91/0xa0 [kvm_intel]\n Call Trace:\n vmx_flush_tlb_gva+0x320/0x490 [kvm_intel]\n kvm_hv_vcpu_flush_tlb+0x24f/0x4f0 [kvm]\n kvm_arch_vcpu_ioctl_run+0x3013/0x5810 [kvm]\n\nHyper-V documents that invalid GVAs (those that are beyond a partition\u0027s\nGVA space) are to be ignored. While not completely clear whether this\nruling also applies to non-canonical GVAs, it is likely fine to make that\nassumption, and manual testing on Azure confirms \"real\" Hyper-V interprets\nthe specification in the same way.\n\nSkip non-canonical GVAs when processing the list of address to avoid\ntripping the INVVPID failure. Alternatively, KVM could filter out \"bad\"\nGVAs before inserting into the FIFO, but practically speaking the only\ndownside of pushing validation to the final processing is that doing so\nis suboptimal for the guest, and no well-behaved guest will request TLB\nflushes for non-canonical addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38351",
"url": "https://www.suse.com/security/cve/CVE-2025-38351"
},
{
"category": "external",
"summary": "SUSE Bug 1246782 for CVE-2025-38351",
"url": "https://bugzilla.suse.com/1246782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38351"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: return 0 size for RSS key if not supported\n\nReturning -EOPNOTSUPP from function returning u32 is leading to\ncast and invalid size value as a result.\n\n-EOPNOTSUPP as a size probably will lead to allocation fail.\n\nCommand: ethtool -x eth0\nIt is visible on all devices that don\u0027t have RSS caps set.\n\n[ 136.615917] Call Trace:\n[ 136.615921] \u003cTASK\u003e\n[ 136.615927] ? __warn+0x89/0x130\n[ 136.615942] ? __alloc_frozen_pages_noprof+0x322/0x330\n[ 136.615953] ? report_bug+0x164/0x190\n[ 136.615968] ? handle_bug+0x58/0x90\n[ 136.615979] ? exc_invalid_op+0x17/0x70\n[ 136.615987] ? asm_exc_invalid_op+0x1a/0x20\n[ 136.616001] ? rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616016] ? __alloc_frozen_pages_noprof+0x322/0x330\n[ 136.616028] __alloc_pages_noprof+0xe/0x20\n[ 136.616038] ___kmalloc_large_node+0x80/0x110\n[ 136.616072] __kmalloc_large_node_noprof+0x1d/0xa0\n[ 136.616081] __kmalloc_noprof+0x32c/0x4c0\n[ 136.616098] ? rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616105] rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616114] ethnl_default_doit+0x107/0x3d0\n[ 136.616131] genl_family_rcv_msg_doit+0x100/0x160\n[ 136.616147] genl_rcv_msg+0x1b8/0x2c0\n[ 136.616156] ? __pfx_ethnl_default_doit+0x10/0x10\n[ 136.616168] ? __pfx_genl_rcv_msg+0x10/0x10\n[ 136.616176] netlink_rcv_skb+0x58/0x110\n[ 136.616186] genl_rcv+0x28/0x40\n[ 136.616195] netlink_unicast+0x19b/0x290\n[ 136.616206] netlink_sendmsg+0x222/0x490\n[ 136.616215] __sys_sendto+0x1fd/0x210\n[ 136.616233] __x64_sys_sendto+0x24/0x30\n[ 136.616242] do_syscall_64+0x82/0x160\n[ 136.616252] ? __sys_recvmsg+0x83/0xe0\n[ 136.616265] ? syscall_exit_to_user_mode+0x10/0x210\n[ 136.616275] ? do_syscall_64+0x8e/0x160\n[ 136.616282] ? __count_memcg_events+0xa1/0x130\n[ 136.616295] ? count_memcg_events.constprop.0+0x1a/0x30\n[ 136.616306] ? handle_mm_fault+0xae/0x2d0\n[ 136.616319] ? do_user_addr_fault+0x379/0x670\n[ 136.616328] ? clear_bhb_loop+0x45/0xa0\n[ 136.616340] ? clear_bhb_loop+0x45/0xa0\n[ 136.616349] ? clear_bhb_loop+0x45/0xa0\n[ 136.616359] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 136.616369] RIP: 0033:0x7fd30ba7b047\n[ 136.616376] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d bd d5 0c 00 00 41 89 ca 74 10 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 71 c3 55 48 83 ec 30 44 89 4c 24 2c 4c 89 44\n[ 136.616381] RSP: 002b:00007ffde1796d68 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 136.616388] RAX: ffffffffffffffda RBX: 000055d7bd89f2a0 RCX: 00007fd30ba7b047\n[ 136.616392] RDX: 0000000000000028 RSI: 000055d7bd89f3b0 RDI: 0000000000000003\n[ 136.616396] RBP: 00007ffde1796e10 R08: 00007fd30bb4e200 R09: 000000000000000c\n[ 136.616399] R10: 0000000000000000 R11: 0000000000000202 R12: 000055d7bd89f340\n[ 136.616403] R13: 000055d7bd89f3b0 R14: 000055d78943f200 R15: 0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38402",
"url": "https://www.suse.com/security/cve/CVE-2025-38402"
},
{
"category": "external",
"summary": "SUSE Bug 1247262 for CVE-2025-38402",
"url": "https://bugzilla.suse.com/1247262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38402"
},
{
"cve": "CVE-2025-38408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/irq_sim: Initialize work context pointers properly\n\nInitialize `ops` member\u0027s pointers properly by using kzalloc() instead of\nkmalloc() when allocating the simulation work context. Otherwise the\npointers contain random content leading to invalid dereferencing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38408",
"url": "https://www.suse.com/security/cve/CVE-2025-38408"
},
{
"category": "external",
"summary": "SUSE Bug 1247126 for CVE-2025-38408",
"url": "https://bugzilla.suse.com/1247126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38408"
},
{
"cve": "CVE-2025-38418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Release rproc-\u003eclean_table after rproc_attach() fails\n\nWhen rproc-\u003estate = RPROC_DETACHED is attached to remote processor\nthrough rproc_attach(), if rproc_handle_resources() returns failure,\nthen the clean table should be released, otherwise the following\nmemory leak will occur.\n\nunreferenced object 0xffff000086a99800 (size 1024):\ncomm \"kworker/u12:3\", pid 59, jiffies 4294893670 (age 121.140s)\nhex dump (first 32 bytes):\n00 00 00 00 00 80 00 00 00 00 00 00 00 00 10 00 ............\n00 00 00 00 00 00 08 00 00 00 00 00 00 00 00 00 ............\nbacktrace:\n [\u003c000000008bbe4ca8\u003e] slab_post_alloc_hook+0x98/0x3fc\n [\u003c000000003b8a272b\u003e] __kmem_cache_alloc_node+0x13c/0x230\n [\u003c000000007a507c51\u003e] __kmalloc_node_track_caller+0x5c/0x260\n [\u003c0000000037818dae\u003e] kmemdup+0x34/0x60\n [\u003c00000000610f7f57\u003e] rproc_boot+0x35c/0x56c\n [\u003c0000000065f8871a\u003e] rproc_add+0x124/0x17c\n [\u003c00000000497416ee\u003e] imx_rproc_probe+0x4ec/0x5d4\n [\u003c000000003bcaa37d\u003e] platform_probe+0x68/0xd8\n [\u003c00000000771577f9\u003e] really_probe+0x110/0x27c\n [\u003c00000000531fea59\u003e] __driver_probe_device+0x78/0x12c\n [\u003c0000000080036a04\u003e] driver_probe_device+0x3c/0x118\n [\u003c000000007e0bddcb\u003e] __device_attach_driver+0xb8/0xf8\n [\u003c000000000cf1fa33\u003e] bus_for_each_drv+0x84/0xe4\n [\u003c000000001a53b53e\u003e] __device_attach+0xfc/0x18c\n [\u003c00000000d1a2a32c\u003e] device_initial_probe+0x14/0x20\n [\u003c00000000d8f8b7ae\u003e] bus_probe_device+0xb0/0xb4\n unreferenced object 0xffff0000864c9690 (size 16):",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38418",
"url": "https://www.suse.com/security/cve/CVE-2025-38418"
},
{
"category": "external",
"summary": "SUSE Bug 1247137 for CVE-2025-38418",
"url": "https://bugzilla.suse.com/1247137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38418"
},
{
"cve": "CVE-2025-38419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()\n\nWhen rproc-\u003estate = RPROC_DETACHED and rproc_attach() is used\nto attach to the remote processor, if rproc_handle_resources()\nreturns a failure, the resources allocated by imx_rproc_prepare()\nshould be released, otherwise the following memory leak will occur.\n\nSince almost the same thing is done in imx_rproc_prepare() and\nrproc_resource_cleanup(), Function rproc_resource_cleanup() is able\nto deal with empty lists so it is better to fix the \"goto\" statements\nin rproc_attach(). replace the \"unprepare_device\" goto statement with\n\"clean_up_resources\" and get rid of the \"unprepare_device\" label.\n\nunreferenced object 0xffff0000861c5d00 (size 128):\ncomm \"kworker/u12:3\", pid 59, jiffies 4294893509 (age 149.220s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 02 88 00 00 00 00 00 00 10 00 00 00 00 00 ............\nbacktrace:\n [\u003c00000000f949fe18\u003e] slab_post_alloc_hook+0x98/0x37c\n [\u003c00000000adbfb3e7\u003e] __kmem_cache_alloc_node+0x138/0x2e0\n [\u003c00000000521c0345\u003e] kmalloc_trace+0x40/0x158\n [\u003c000000004e330a49\u003e] rproc_mem_entry_init+0x60/0xf8\n [\u003c000000002815755e\u003e] imx_rproc_prepare+0xe0/0x180\n [\u003c0000000003f61b4e\u003e] rproc_boot+0x2ec/0x528\n [\u003c00000000e7e994ac\u003e] rproc_add+0x124/0x17c\n [\u003c0000000048594076\u003e] imx_rproc_probe+0x4ec/0x5d4\n [\u003c00000000efc298a1\u003e] platform_probe+0x68/0xd8\n [\u003c00000000110be6fe\u003e] really_probe+0x110/0x27c\n [\u003c00000000e245c0ae\u003e] __driver_probe_device+0x78/0x12c\n [\u003c00000000f61f6f5e\u003e] driver_probe_device+0x3c/0x118\n [\u003c00000000a7874938\u003e] __device_attach_driver+0xb8/0xf8\n [\u003c0000000065319e69\u003e] bus_for_each_drv+0x84/0xe4\n [\u003c00000000db3eb243\u003e] __device_attach+0xfc/0x18c\n [\u003c0000000072e4e1a4\u003e] device_initial_probe+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38419",
"url": "https://www.suse.com/security/cve/CVE-2025-38419"
},
{
"category": "external",
"summary": "SUSE Bug 1247136 for CVE-2025-38419",
"url": "https://bugzilla.suse.com/1247136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38419"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38440"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix race between DIM disable and net_dim()\n\nThere\u0027s a race between disabling DIM and NAPI callbacks using the dim\npointer on the RQ or SQ.\n\nIf NAPI checks the DIM state bit and sees it still set, it assumes\n`rq-\u003edim` or `sq-\u003edim` is valid. But if DIM gets disabled right after\nthat check, the pointer might already be set to NULL, leading to a NULL\npointer dereference in net_dim().\n\nFix this by calling `synchronize_net()` before freeing the DIM context.\nThis ensures all in-progress NAPI callbacks are finished before the\npointer is cleared.\n\nKernel log:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:net_dim+0x23/0x190\n...\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? common_interrupt+0xf/0xa0\n ? sysvec_call_function_single+0xb/0x90\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? net_dim+0x23/0x190\n ? mlx5e_poll_ico_cq+0x41/0x6f0 [mlx5_core]\n ? sysvec_apic_timer_interrupt+0xb/0x90\n mlx5e_handle_rx_dim+0x92/0xd0 [mlx5_core]\n mlx5e_napi_poll+0x2cd/0xac0 [mlx5_core]\n ? mlx5e_poll_ico_cq+0xe5/0x6f0 [mlx5_core]\n busy_poll_stop+0xa2/0x200\n ? mlx5e_napi_poll+0x1d9/0xac0 [mlx5_core]\n ? mlx5e_trigger_irq+0x130/0x130 [mlx5_core]\n __napi_busy_loop+0x345/0x3b0\n ? sysvec_call_function_single+0xb/0x90\n ? asm_sysvec_call_function_single+0x16/0x20\n ? sysvec_apic_timer_interrupt+0xb/0x90\n ? pcpu_free_area+0x1e4/0x2e0\n napi_busy_loop+0x11/0x20\n xsk_recvmsg+0x10c/0x130\n sock_recvmsg+0x44/0x70\n __sys_recvfrom+0xbc/0x130\n ? __schedule+0x398/0x890\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n...\n---[ end trace 0000000000000000 ]---\n...\n---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38440",
"url": "https://www.suse.com/security/cve/CVE-2025-38440"
},
{
"category": "external",
"summary": "SUSE Bug 1247290 for CVE-2025-38440",
"url": "https://bugzilla.suse.com/1247290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38440"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi:msghandler: Fix potential memory corruption in ipmi_create_user()\n\nThe \"intf\" list iterator is an invalid pointer if the correct\n\"intf-\u003eintf_num\" is not found. Calling atomic_dec(\u0026intf-\u003enr_users) on\nand invalid pointer will lead to memory corruption.\n\nWe don\u0027t really need to call atomic_dec() if we haven\u0027t called\natomic_add_return() so update the if (intf-\u003ein_shutdown) path as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38456",
"url": "https://www.suse.com/security/cve/CVE-2025-38456"
},
{
"category": "external",
"summary": "SUSE Bug 1247099 for CVE-2025-38456",
"url": "https://bugzilla.suse.com/1247099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38456"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Revert to requiring CAP_SYS_ADMIN for uprobes\n\nJann reports that uprobes can be used destructively when used in the\nmiddle of an instruction. The kernel only verifies there is a valid\ninstruction at the requested offset, but due to variable instruction\nlength cannot determine if this is an instruction as seen by the\nintended execution stream.\n\nAdditionally, Mark Rutland notes that on architectures that mix data\nin the text segment (like arm64), a similar things can be done if the\ndata word is \u0027mistaken\u0027 for an instruction.\n\nAs such, require CAP_SYS_ADMIN for uprobes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38466",
"url": "https://www.suse.com/security/cve/CVE-2025-38466"
},
{
"category": "external",
"summary": "SUSE Bug 1247442 for CVE-2025-38466",
"url": "https://bugzilla.suse.com/1247442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38466"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in crypt_message when using async crypto\n\nThe CVE-2024-50047 fix removed asynchronous crypto handling from\ncrypt_message(), assuming all crypto operations are synchronous.\nHowever, when hardware crypto accelerators are used, this can cause\nuse-after-free crashes:\n\n crypt_message()\n // Allocate the creq buffer containing the req\n creq = smb2_get_aead_req(..., \u0026req);\n\n // Async encryption returns -EINPROGRESS immediately\n rc = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);\n\n // Free creq while async operation is still in progress\n kvfree_sensitive(creq, ...);\n\nHardware crypto modules often implement async AEAD operations for\nperformance. When crypto_aead_encrypt/decrypt() returns -EINPROGRESS,\nthe operation completes asynchronously. Without crypto_wait_req(),\nthe function immediately frees the request buffer, leading to crashes\nwhen the driver later accesses the freed memory.\n\nThis results in a use-after-free condition when the hardware crypto\ndriver later accesses the freed request structure, leading to kernel\ncrashes with NULL pointer dereferences.\n\nThe issue occurs because crypto_alloc_aead() with mask=0 doesn\u0027t\nguarantee synchronous operation. Even without CRYPTO_ALG_ASYNC in\nthe mask, async implementations can be selected.\n\nFix by restoring the async crypto handling:\n- DECLARE_CRYPTO_WAIT(wait) for completion tracking\n- aead_request_set_callback() for async completion notification\n- crypto_wait_req() to wait for operation completion\n\nThis ensures the request buffer isn\u0027t freed until the crypto operation\ncompletes, whether synchronous or asynchronous, while preserving the\nCVE-2024-50047 fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38488",
"url": "https://www.suse.com/security/cve/CVE-2025-38488"
},
{
"category": "external",
"summary": "SUSE Bug 1247239 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "external",
"summary": "SUSE Bug 1247240 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38488"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/pf: Clear all LMTT pages on alloc\n\nOur LMEM buffer objects are not cleared by default on alloc\nand during VF provisioning we only setup LMTT PTEs for the\nactually provisioned LMEM range. But beyond that valid range\nwe might leave some stale data that could either point to some\nother VFs allocations or even to the PF pages.\n\nExplicitly clear all new LMTT page to avoid the risk that a\nmalicious VF would try to exploit that gap.\n\nWhile around add asserts to catch any undesired PTE overwrites\nand low-level debug traces to track LMTT PT life-cycle.\n\n(cherry picked from commit 3fae6918a3e27cce20ded2551f863fb05d4bef8d)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38511",
"url": "https://www.suse.com/security/cve/CVE-2025-38511"
},
{
"category": "external",
"summary": "SUSE Bug 1248175 for CVE-2025-38511",
"url": "https://bugzilla.suse.com/1248175"
},
{
"category": "external",
"summary": "SUSE Bug 1248176 for CVE-2025-38511",
"url": "https://bugzilla.suse.com/1248176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38511"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38514"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix oops due to non-existence of prealloc backlog struct\n\nIf an AF_RXRPC service socket is opened and bound, but calls are\npreallocated, then rxrpc_alloc_incoming_call() will oops because the\nrxrpc_backlog struct doesn\u0027t get allocated until the first preallocation is\nmade.\n\nFix this by returning NULL from rxrpc_alloc_incoming_call() if there is no\nbacklog struct. This will cause the incoming call to be aborted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38514",
"url": "https://www.suse.com/security/cve/CVE-2025-38514"
},
{
"category": "external",
"summary": "SUSE Bug 1248202 for CVE-2025-38514",
"url": "https://bugzilla.suse.com/1248202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38514"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: Fix kernel crash when hard resetting the GPU\n\nThe GPU hard reset sequence calls pm_runtime_force_suspend() and\npm_runtime_force_resume(), which according to their documentation should\nonly be used during system-wide PM transitions to sleep states.\n\nThe main issue though is that depending on some internal runtime PM\nstate as seen by pm_runtime_force_suspend() (whether the usage count is\n\u003c= 1), pm_runtime_force_resume() might not resume the device unless\nneeded. If that happens, the runtime PM resume callback\npvr_power_device_resume() is not called, the GPU clocks are not\nre-enabled, and the kernel crashes on the next attempt to access GPU\nregisters as part of the power-on sequence.\n\nReplace calls to pm_runtime_force_suspend() and\npm_runtime_force_resume() with direct calls to the driver\u0027s runtime PM\ncallbacks, pvr_power_device_suspend() and pvr_power_device_resume(),\nto ensure clocks are re-enabled and avoid the kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38521",
"url": "https://www.suse.com/security/cve/CVE-2025-38521"
},
{
"category": "external",
"summary": "SUSE Bug 1248232 for CVE-2025-38521",
"url": "https://bugzilla.suse.com/1248232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38521"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: add NULL check in eswitch lag check\n\nThe function ice_lag_is_switchdev_running() is being called from outside of\nthe LAG event handler code. This results in the lag-\u003eupper_netdev being\nNULL sometimes. To avoid a NULL-pointer dereference, there needs to be a\ncheck before it is dereferenced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38526",
"url": "https://www.suse.com/security/cve/CVE-2025-38526"
},
{
"category": "external",
"summary": "SUSE Bug 1248192 for CVE-2025-38526",
"url": "https://bugzilla.suse.com/1248192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38526"
},
{
"cve": "CVE-2025-38527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in cifs_oplock_break\n\nA race condition can occur in cifs_oplock_break() leading to a\nuse-after-free of the cinode structure when unmounting:\n\n cifs_oplock_break()\n _cifsFileInfo_put(cfile)\n cifsFileInfo_put_final()\n cifs_sb_deactive()\n [last ref, start releasing sb]\n kill_sb()\n kill_anon_super()\n generic_shutdown_super()\n evict_inodes()\n dispose_list()\n evict()\n destroy_inode()\n call_rcu(\u0026inode-\u003ei_rcu, i_callback)\n spin_lock(\u0026cinode-\u003eopen_file_lock) \u003c- OK\n [later] i_callback()\n cifs_free_inode()\n kmem_cache_free(cinode)\n spin_unlock(\u0026cinode-\u003eopen_file_lock) \u003c- UAF\n cifs_done_oplock_break(cinode) \u003c- UAF\n\nThe issue occurs when umount has already released its reference to the\nsuperblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this\nreleases the last reference, triggering the immediate cleanup of all\ninodes under RCU. However, cifs_oplock_break() continues to access the\ncinode after this point, resulting in use-after-free.\n\nFix this by holding an extra reference to the superblock during the\nentire oplock break operation. This ensures that the superblock and\nits inodes remain valid until the oplock break completes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38527",
"url": "https://www.suse.com/security/cve/CVE-2025-38527"
},
{
"category": "external",
"summary": "SUSE Bug 1248199 for CVE-2025-38527",
"url": "https://bugzilla.suse.com/1248199"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38527"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38533"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: fix the using of Rx buffer DMA\n\nThe wx_rx_buffer structure contained two DMA address fields: \u0027dma\u0027 and\n\u0027page_dma\u0027. However, only \u0027page_dma\u0027 was actually initialized and used\nto program the Rx descriptor. But \u0027dma\u0027 was uninitialized and used in\nsome paths.\n\nThis could lead to undefined behavior, including DMA errors or\nuse-after-free, if the uninitialized \u0027dma\u0027 was used. Althrough such\nerror has not yet occurred, it is worth fixing in the code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38533",
"url": "https://www.suse.com/security/cve/CVE-2025-38533"
},
{
"category": "external",
"summary": "SUSE Bug 1248200 for CVE-2025-38533",
"url": "https://bugzilla.suse.com/1248200"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38533"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix bug due to prealloc collision\n\nWhen userspace is using AF_RXRPC to provide a server, it has to preallocate\nincoming calls and assign to them call IDs that will be used to thread\nrelated recvmsg() and sendmsg() together. The preallocated call IDs will\nautomatically be attached to calls as they come in until the pool is empty.\n\nTo the kernel, the call IDs are just arbitrary numbers, but userspace can\nuse the call ID to hold a pointer to prepared structs. In any case, the\nuser isn\u0027t permitted to create two calls with the same call ID (call IDs\nbecome available again when the call ends) and EBADSLT should result from\nsendmsg() if an attempt is made to preallocate a call with an in-use call\nID.\n\nHowever, the cleanup in the error handling will trigger both assertions in\nrxrpc_cleanup_call() because the call isn\u0027t marked complete and isn\u0027t\nmarked as having been released.\n\nFix this by setting the call state in rxrpc_service_prealloc_one() and then\nmarking it as being released before calling the cleanup function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38544",
"url": "https://www.suse.com/security/cve/CVE-2025-38544"
},
{
"category": "external",
"summary": "SUSE Bug 1248225 for CVE-2025-38544",
"url": "https://bugzilla.suse.com/1248225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38544"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn\u0027t reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38556",
"url": "https://www.suse.com/security/cve/CVE-2025-38556"
},
{
"category": "external",
"summary": "SUSE Bug 1248296 for CVE-2025-38556",
"url": "https://bugzilla.suse.com/1248296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38556"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38574"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npptp: ensure minimal skb length in pptp_xmit()\n\nCommit aabc6596ffb3 (\"net: ppp: Add bound checking for skb data\non ppp_sync_txmung\") fixed ppp_sync_txmunge()\n\nWe need a similar fix in pptp_xmit(), otherwise we might\nread uninit data as reported by syzbot.\n\nBUG: KMSAN: uninit-value in pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2290 [inline]\n ppp_input+0x1d6/0xe60 drivers/net/ppp/ppp_generic.c:2314\n pppoe_rcv_core+0x1e8/0x760 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n pppoe_sendmsg+0x15d/0xcb0 drivers/net/ppp/pppoe.c:904\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x893/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmmsg+0x2d9/0x7c0 net/socket.c:2709",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38574",
"url": "https://www.suse.com/security/cve/CVE-2025-38574"
},
{
"category": "external",
"summary": "SUSE Bug 1248365 for CVE-2025-38574",
"url": "https://bugzilla.suse.com/1248365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38574"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38584"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix pd UAF once and for all\n\nThere is a race condition/UAF in padata_reorder that goes back\nto the initial commit. A reference count is taken at the start\nof the process in padata_do_parallel, and released at the end in\npadata_serial_worker.\n\nThis reference count is (and only is) required for padata_replace\nto function correctly. If padata_replace is never called then\nthere is no issue.\n\nIn the function padata_reorder which serves as the core of padata,\nas soon as padata is added to queue-\u003eserial.list, and the associated\nspin lock released, that padata may be processed and the reference\ncount on pd would go away.\n\nFix this by getting the next padata before the squeue-\u003eserial lock\nis released.\n\nIn order to make this possible, simplify padata_reorder by only\ncalling it once the next padata arrives.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38584",
"url": "https://www.suse.com/security/cve/CVE-2025-38584"
},
{
"category": "external",
"summary": "SUSE Bug 1248343 for CVE-2025-38584",
"url": "https://bugzilla.suse.com/1248343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38584"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Remove skb secpath if xfrm state is not found\n\nHardware returns a unique identifier for a decrypted packet\u0027s xfrm\nstate, this state is looked up in an xarray. However, the state might\nhave been freed by the time of this lookup.\n\nCurrently, if the state is not found, only a counter is incremented.\nThe secpath (sp) extension on the skb is not removed, resulting in\nsp-\u003elen becoming 0.\n\nSubsequently, functions like __xfrm_policy_check() attempt to access\nfields such as xfrm_input_state(skb)-\u003exso.type (which dereferences\nsp-\u003exvec[sp-\u003elen - 1]) without first validating sp-\u003elen. This leads to\na crash when dereferencing an invalid state pointer.\n\nThis patch prevents the crash by explicitly removing the secpath\nextension from the skb if the xfrm state is not found after hardware\ndecryption. This ensures downstream functions do not operate on a\nzero-length secpath.\n\n BUG: unable to handle page fault for address: ffffffff000002c8\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 282e067 P4D 282e067 PUD 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 12 UID: 0 PID: 0 Comm: swapper/12 Not tainted 6.15.0-rc7_for_upstream_min_debug_2025_05_27_22_44 #1 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__xfrm_policy_check+0x61a/0xa30\n Code: b6 77 7f 83 e6 02 74 14 4d 8b af d8 00 00 00 41 0f b6 45 05 c1 e0 03 48 98 49 01 c5 41 8b 45 00 83 e8 01 48 98 49 8b 44 c5 10 \u003c0f\u003e b6 80 c8 02 00 00 83 e0 0c 3c 04 0f 84 0c 02 00 00 31 ff 80 fa\n RSP: 0018:ffff88885fb04918 EFLAGS: 00010297\n RAX: ffffffff00000000 RBX: 0000000000000002 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000000\n RBP: ffffffff8311af80 R08: 0000000000000020 R09: 00000000c2eda353\n R10: ffff88812be2bbc8 R11: 000000001faab533 R12: ffff88885fb049c8\n R13: ffff88812be2bbc8 R14: 0000000000000000 R15: ffff88811896ae00\n FS: 0000000000000000(0000) GS:ffff8888dca82000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffff000002c8 CR3: 0000000243050002 CR4: 0000000000372eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n ? try_to_wake_up+0x108/0x4c0\n ? udp4_lib_lookup2+0xbe/0x150\n ? udp_lib_lport_inuse+0x100/0x100\n ? __udp4_lib_lookup+0x2b0/0x410\n __xfrm_policy_check2.constprop.0+0x11e/0x130\n udp_queue_rcv_one_skb+0x1d/0x530\n udp_unicast_rcv_skb+0x76/0x90\n __udp4_lib_rcv+0xa64/0xe90\n ip_protocol_deliver_rcu+0x20/0x130\n ip_local_deliver_finish+0x75/0xa0\n ip_local_deliver+0xc1/0xd0\n ? ip_protocol_deliver_rcu+0x130/0x130\n ip_sublist_rcv+0x1f9/0x240\n ? ip_rcv_finish_core+0x430/0x430\n ip_list_rcv+0xfc/0x130\n __netif_receive_skb_list_core+0x181/0x1e0\n netif_receive_skb_list_internal+0x200/0x360\n ? mlx5e_build_rx_skb+0x1bc/0xda0 [mlx5_core]\n gro_receive_skb+0xfd/0x210\n mlx5e_handle_rx_cqe_mpwrq+0x141/0x280 [mlx5_core]\n mlx5e_poll_rx_cq+0xcc/0x8e0 [mlx5_core]\n ? mlx5e_handle_rx_dim+0x91/0xd0 [mlx5_core]\n mlx5e_napi_poll+0x114/0xab0 [mlx5_core]\n __napi_poll+0x25/0x170\n net_rx_action+0x32d/0x3a0\n ? mlx5_eq_comp_int+0x8d/0x280 [mlx5_core]\n ? notifier_call_chain+0x33/0xa0\n handle_softirqs+0xda/0x250\n irq_exit_rcu+0x6d/0xc0\n common_interrupt+0x81/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38590",
"url": "https://www.suse.com/security/cve/CVE-2025-38590"
},
{
"category": "external",
"summary": "SUSE Bug 1248360 for CVE-2025-38590",
"url": "https://bugzilla.suse.com/1248360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38590"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38593"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: fix double free in \u0027hci_discovery_filter_clear()\u0027\n\nFunction \u0027hci_discovery_filter_clear()\u0027 frees \u0027uuids\u0027 array and then\nsets it to NULL. There is a tiny chance of the following race:\n\n\u0027hci_cmd_sync_work()\u0027\n\n \u0027update_passive_scan_sync()\u0027\n\n \u0027hci_update_passive_scan_sync()\u0027\n\n \u0027hci_discovery_filter_clear()\u0027\n kfree(uuids);\n\n \u003c-------------------------preempted--------------------------------\u003e\n \u0027start_service_discovery()\u0027\n\n \u0027hci_discovery_filter_clear()\u0027\n kfree(uuids); // DOUBLE FREE\n\n \u003c-------------------------preempted--------------------------------\u003e\n\n uuids = NULL;\n\nTo fix it let\u0027s add locking around \u0027kfree()\u0027 call and NULL pointer\nassignment. Otherwise the following backtrace fires:\n\n[ ] ------------[ cut here ]------------\n[ ] kernel BUG at mm/slub.c:547!\n[ ] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ ] CPU: 3 UID: 0 PID: 246 Comm: bluetoothd Tainted: G O 6.12.19-kernel #1\n[ ] Tainted: [O]=OOT_MODULE\n[ ] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ ] pc : __slab_free+0xf8/0x348\n[ ] lr : __slab_free+0x48/0x348\n...\n[ ] Call trace:\n[ ] __slab_free+0xf8/0x348\n[ ] kfree+0x164/0x27c\n[ ] start_service_discovery+0x1d0/0x2c0\n[ ] hci_sock_sendmsg+0x518/0x924\n[ ] __sock_sendmsg+0x54/0x60\n[ ] sock_write_iter+0x98/0xf8\n[ ] do_iter_readv_writev+0xe4/0x1c8\n[ ] vfs_writev+0x128/0x2b0\n[ ] do_writev+0xfc/0x118\n[ ] __arm64_sys_writev+0x20/0x2c\n[ ] invoke_syscall+0x68/0xf0\n[ ] el0_svc_common.constprop.0+0x40/0xe0\n[ ] do_el0_svc+0x1c/0x28\n[ ] el0_svc+0x30/0xd0\n[ ] el0t_64_sync_handler+0x100/0x12c\n[ ] el0t_64_sync+0x194/0x198\n[ ] Code: 8b0002e6 eb17031f 54fffbe1 d503201f (d4210000)\n[ ] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38593",
"url": "https://www.suse.com/security/cve/CVE-2025-38593"
},
{
"category": "external",
"summary": "SUSE Bug 1248357 for CVE-2025-38593",
"url": "https://bugzilla.suse.com/1248357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38593"
},
{
"cve": "CVE-2025-38595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen: fix UAF in dmabuf_exp_from_pages()\n\n[dma_buf_fd() fixes; no preferences regarding the tree it goes through -\nup to xen folks]\n\nAs soon as we\u0027d inserted a file reference into descriptor table, another\nthread could close it. That\u0027s fine for the case when all we are doing is\nreturning that descriptor to userland (it\u0027s a race, but it\u0027s a userland\nrace and there\u0027s nothing the kernel can do about it). However, if we\nfollow fd_install() with any kind of access to objects that would be\ndestroyed on close (be it the struct file itself or anything destroyed\nby its -\u003erelease()), we have a UAF.\n\ndma_buf_fd() is a combination of reserving a descriptor and fd_install().\ngntdev dmabuf_exp_from_pages() calls it and then proceeds to access the\nobjects destroyed on close - starting with gntdev_dmabuf itself.\n\nFix that by doing reserving descriptor before anything else and do\nfd_install() only when everything had been set up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38595",
"url": "https://www.suse.com/security/cve/CVE-2025-38595"
},
{
"category": "external",
"summary": "SUSE Bug 1248380 for CVE-2025-38595",
"url": "https://bugzilla.suse.com/1248380"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38595"
},
{
"cve": "CVE-2025-38597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port\n\nEach window of a vop2 is usable by a specific set of video ports, so while\nbinding the vop2, we look through the list of available windows trying to\nfind one designated as primary-plane and usable by that specific port.\n\nThe code later wants to use drm_crtc_init_with_planes with that found\nprimary plane, but nothing has checked so far if a primary plane was\nactually found.\n\nFor whatever reason, the rk3576 vp2 does not have a usable primary window\n(if vp0 is also in use) which brought the issue to light and ended in a\nnull-pointer dereference further down.\n\nAs we expect a primary-plane to exist for a video-port, add a check at\nthe end of the window-iteration and fail probing if none was found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38597",
"url": "https://www.suse.com/security/cve/CVE-2025-38597"
},
{
"category": "external",
"summary": "SUSE Bug 1248378 for CVE-2025-38597",
"url": "https://bugzilla.suse.com/1248378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38597"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()\n\nIn ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to\nretrieve the ab pointer. In vdev delete sequence the arvif-\u003ear could\nbecome NULL and that would trigger kernel panic.\nSince the caller ath12k_dp_tx() already has a valid ab pointer, pass it\ndirectly to avoid panic and unnecessary dereferencing.\n\nPC points to \"ath12k_dp_tx+0x228/0x988 [ath12k]\"\nLR points to \"ath12k_dp_tx+0xc8/0x988 [ath12k]\".\nThe Backtrace obtained is as follows:\nath12k_dp_tx+0x228/0x988 [ath12k]\nath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k]\nieee80211_process_measurement_req+0x320/0x348 [mac80211]\nieee80211_tx_dequeue+0x9ac/0x1518 [mac80211]\nieee80211_tx_dequeue+0xb14/0x1518 [mac80211]\nieee80211_tx_prepare_skb+0x224/0x254 [mac80211]\nieee80211_xmit+0xec/0x100 [mac80211]\n__ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211]\nieee80211_subif_start_xmit+0x2e8/0x308 [mac80211]\nnetdev_start_xmit+0x150/0x18c\ndev_hard_start_xmit+0x74/0xc0\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38605",
"url": "https://www.suse.com/security/cve/CVE-2025-38605"
},
{
"category": "external",
"summary": "SUSE Bug 1248334 for CVE-2025-38605",
"url": "https://bugzilla.suse.com/1248334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38605"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: Fix semi-unbounded recursion\n\nEnsure that epoll instances can never form a graph deeper than\nEP_MAX_NESTS+1 links.\n\nCurrently, ep_loop_check_proc() ensures that the graph is loop-free and\ndoes some recursion depth checks, but those recursion depth checks don\u0027t\nlimit the depth of the resulting tree for two reasons:\n\n - They don\u0027t look upwards in the tree.\n - If there are multiple downwards paths of different lengths, only one of\n the paths is actually considered for the depth check since commit\n 28d82dc1c4ed (\"epoll: limit paths\").\n\nEssentially, the current recursion depth check in ep_loop_check_proc() just\nserves to prevent it from recursing too deeply while checking for loops.\n\nA more thorough check is done in reverse_path_check() after the new graph\nedge has already been created; this checks, among other things, that no\npaths going upwards from any non-epoll file with a length of more than 5\nedges exist. However, this check does not apply to non-epoll files.\n\nAs a result, it is possible to recurse to a depth of at least roughly 500,\ntested on v6.15. (I am unsure if deeper recursion is possible; and this may\nhave changed with commit 8c44dac8add7 (\"eventpoll: Fix priority inversion\nproblem\").)\n\nTo fix it:\n\n1. In ep_loop_check_proc(), note the subtree depth of each visited node,\nand use subtree depths for the total depth calculation even when a subtree\nhas already been visited.\n2. Add ep_get_upwards_depth_proc() for similarly determining the maximum\ndepth of an upwards walk.\n3. In ep_loop_check(), use these values to limit the total path length\nbetween epoll nodes to EP_MAX_NESTS edges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38614",
"url": "https://www.suse.com/security/cve/CVE-2025-38614"
},
{
"category": "external",
"summary": "SUSE Bug 1248392 for CVE-2025-38614",
"url": "https://bugzilla.suse.com/1248392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38614"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: drop UFO packets in udp_rcv_segment()\n\nWhen sending a packet with virtio_net_hdr to tun device, if the gso_type\nin virtio_net_hdr is SKB_GSO_UDP and the gso_size is less than udphdr\nsize, below crash may happen.\n\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:4572!\n Oops: invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 0 UID: 0 PID: 62 Comm: mytest Not tainted 6.16.0-rc7 #203 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:skb_pull_rcsum+0x8e/0xa0\n Code: 00 00 5b c3 cc cc cc cc 8b 93 88 00 00 00 f7 da e8 37 44 38 00 f7 d8 89 83 88 00 00 00 48 8b 83 c8 00 00 00 5b c3 cc cc cc cc \u003c0f\u003e 0b 0f 0b 66 66 2e 0f 1f 84 00 000\n RSP: 0018:ffffc900001fba38 EFLAGS: 00000297\n RAX: 0000000000000004 RBX: ffff8880040c1000 RCX: ffffc900001fb948\n RDX: ffff888003e6d700 RSI: 0000000000000008 RDI: ffff88800411a062\n RBP: ffff8880040c1000 R08: 0000000000000000 R09: 0000000000000001\n R10: ffff888003606c00 R11: 0000000000000001 R12: 0000000000000000\n R13: ffff888004060900 R14: ffff888004050000 R15: ffff888004060900\n FS: 000000002406d3c0(0000) GS:ffff888084a19000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000040 CR3: 0000000004007000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n udp_queue_rcv_one_skb+0x176/0x4b0 net/ipv4/udp.c:2445\n udp_queue_rcv_skb+0x155/0x1f0 net/ipv4/udp.c:2475\n udp_unicast_rcv_skb+0x71/0x90 net/ipv4/udp.c:2626\n __udp4_lib_rcv+0x433/0xb00 net/ipv4/udp.c:2690\n ip_protocol_deliver_rcu+0xa6/0x160 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x72/0x90 net/ipv4/ip_input.c:233\n ip_sublist_rcv_finish+0x5f/0x70 net/ipv4/ip_input.c:579\n ip_sublist_rcv+0x122/0x1b0 net/ipv4/ip_input.c:636\n ip_list_rcv+0xf7/0x130 net/ipv4/ip_input.c:670\n __netif_receive_skb_list_core+0x21d/0x240 net/core/dev.c:6067\n netif_receive_skb_list_internal+0x186/0x2b0 net/core/dev.c:6210\n napi_complete_done+0x78/0x180 net/core/dev.c:6580\n tun_get_user+0xa63/0x1120 drivers/net/tun.c:1909\n tun_chr_write_iter+0x65/0xb0 drivers/net/tun.c:1984\n vfs_write+0x300/0x420 fs/read_write.c:593\n ksys_write+0x60/0xd0 fs/read_write.c:686\n do_syscall_64+0x50/0x1c0 arch/x86/entry/syscall_64.c:63\n \u003c/TASK\u003e\n\nTo trigger gso segment in udp_queue_rcv_skb(), we should also set option\nUDP_ENCAP_ESPINUDP to enable udp_sk(sk)-\u003eencap_rcv. When the encap_rcv\nhook return 1 in udp_queue_rcv_one_skb(), udp_csum_pull_header() will try\nto pull udphdr, but the skb size has been segmented to gso size, which\nleads to this crash.\n\nPrevious commit cf329aa42b66 (\"udp: cope with UDP GRO packet misdirection\")\nintroduces segmentation in UDP receive path only for GRO, which was never\nintended to be used for UFO, so drop UFO packets in udp_rcv_segment().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38622",
"url": "https://www.suse.com/security/cve/CVE-2025-38622"
},
{
"category": "external",
"summary": "SUSE Bug 1248619 for CVE-2025-38622",
"url": "https://bugzilla.suse.com/1248619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38622"
},
{
"cve": "CVE-2025-38623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38623"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Fix surprise plug detection and recovery\n\nThe existing PowerNV hotplug code did not handle surprise plug events\ncorrectly, leading to a complete failure of the hotplug system after device\nremoval and a required reboot to detect new devices.\n\nThis comes down to two issues:\n\n 1) When a device is surprise removed, often the bridge upstream\n port will cause a PE freeze on the PHB. If this freeze is not\n cleared, the MSI interrupts from the bridge hotplug notification\n logic will not be received by the kernel, stalling all plug events\n on all slots associated with the PE.\n\n 2) When a device is removed from a slot, regardless of surprise or\n programmatic removal, the associated PHB/PE ls left frozen.\n If this freeze is not cleared via a fundamental reset, skiboot\n is unable to clear the freeze and cannot retrain / rescan the\n slot. This also requires a reboot to clear the freeze and redetect\n the device in the slot.\n\nIssue the appropriate unfreeze and rescan commands on hotplug events,\nand don\u0027t oops on hotplug if pci_bus_to_OF_node() returns NULL.\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38623",
"url": "https://www.suse.com/security/cve/CVE-2025-38623"
},
{
"category": "external",
"summary": "SUSE Bug 1248610 for CVE-2025-38623",
"url": "https://bugzilla.suse.com/1248610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "low"
}
],
"title": "CVE-2025-38623"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38628"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa/mlx5: Fix release of uninitialized resources on error path\n\nThe commit in the fixes tag made sure that mlx5_vdpa_free()\nis the single entrypoint for removing the vdpa device resources\nadded in mlx5_vdpa_dev_add(), even in the cleanup path of\nmlx5_vdpa_dev_add().\n\nThis means that all functions from mlx5_vdpa_free() should be able to\nhandle uninitialized resources. This was not the case though:\nmlx5_vdpa_destroy_mr_resources() and mlx5_cmd_cleanup_async_ctx()\nwere not able to do so. This caused the splat below when adding\na vdpa device without a MAC address.\n\nThis patch fixes these remaining issues:\n\n- Makes mlx5_vdpa_destroy_mr_resources() return early if called on\n uninitialized resources.\n\n- Moves mlx5_cmd_init_async_ctx() early on during device addition\n because it can\u0027t fail. This means that mlx5_cmd_cleanup_async_ctx()\n also can\u0027t fail. To mirror this, move the call site of\n mlx5_cmd_cleanup_async_ctx() in mlx5_vdpa_free().\n\nAn additional comment was added in mlx5_vdpa_free() to document\nthe expectations of functions called from this context.\n\nSplat:\n\n mlx5_core 0000:b5:03.2: mlx5_vdpa_dev_add:3950:(pid 2306) warning: No mac address provisioned?\n ------------[ cut here ]------------\n WARNING: CPU: 13 PID: 2306 at kernel/workqueue.c:4207 __flush_work+0x9a/0xb0\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __try_to_del_timer_sync+0x61/0x90\n ? __timer_delete_sync+0x2b/0x40\n mlx5_vdpa_destroy_mr_resources+0x1c/0x40 [mlx5_vdpa]\n mlx5_vdpa_free+0x45/0x160 [mlx5_vdpa]\n vdpa_release_dev+0x1e/0x50 [vdpa]\n device_release+0x31/0x90\n kobject_cleanup+0x37/0x130\n mlx5_vdpa_dev_add+0x327/0x890 [mlx5_vdpa]\n vdpa_nl_cmd_dev_add_set_doit+0x2c1/0x4d0 [vdpa]\n genl_family_rcv_msg_doit+0xd8/0x130\n genl_family_rcv_msg+0x14b/0x220\n ? __pfx_vdpa_nl_cmd_dev_add_set_doit+0x10/0x10 [vdpa]\n genl_rcv_msg+0x47/0xa0\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x53/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x27b/0x3b0\n netlink_sendmsg+0x1f7/0x430\n __sys_sendto+0x1fa/0x210\n ? ___pte_offset_map+0x17/0x160\n ? next_uptodate_folio+0x85/0x2b0\n ? percpu_counter_add_batch+0x51/0x90\n ? filemap_map_pages+0x515/0x660\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x7b/0x2c0\n ? do_read_fault+0x108/0x220\n ? do_pte_missing+0x14a/0x3e0\n ? __handle_mm_fault+0x321/0x730\n ? count_memcg_events+0x13f/0x180\n ? handle_mm_fault+0x1fb/0x2d0\n ? do_user_addr_fault+0x20c/0x700\n ? syscall_exit_work+0x104/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f0c25b0feca\n [...]\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38628",
"url": "https://www.suse.com/security/cve/CVE-2025-38628"
},
{
"category": "external",
"summary": "SUSE Bug 1248616 for CVE-2025-38628",
"url": "https://bugzilla.suse.com/1248616"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38628"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_nfacct: don\u0027t assume acct name is null-terminated\n\nBUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721\nRead of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851\n[..]\n string+0x231/0x2b0 lib/vsprintf.c:721\n vsnprintf+0x739/0xf00 lib/vsprintf.c:2874\n [..]\n nfacct_mt_checkentry+0xd2/0xe0 net/netfilter/xt_nfacct.c:41\n xt_check_match+0x3d1/0xab0 net/netfilter/x_tables.c:523\n\nnfnl_acct_find_get() handles non-null input, but the error\nprintk relied on its presence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38639",
"url": "https://www.suse.com/security/cve/CVE-2025-38639"
},
{
"category": "external",
"summary": "SUSE Bug 1248674 for CVE-2025-38639",
"url": "https://bugzilla.suse.com/1248674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38639"
},
{
"cve": "CVE-2025-38640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Disable migration in nf_hook_run_bpf().\n\nsyzbot reported that the netfilter bpf prog can be called without\nmigration disabled in xmit path.\n\nThen the assertion in __bpf_prog_run() fails, triggering the splat\nbelow. [0]\n\nLet\u0027s use bpf_prog_run_pin_on_cpu() in nf_hook_run_bpf().\n\n[0]:\nBUG: assuming non migratable context at ./include/linux/filter.h:703\nin_atomic(): 0, irqs_disabled(): 0, migration_disabled() 0 pid: 5829, name: sshd-session\n3 locks held by sshd-session/5829:\n #0: ffff88807b4e4218 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1667 [inline]\n #0: ffff88807b4e4218 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sendmsg+0x20/0x50 net/ipv4/tcp.c:1395\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: __ip_queue_xmit+0x69/0x26c0 net/ipv4/ip_output.c:470\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: nf_hook+0xb2/0x680 include/linux/netfilter.h:241\nCPU: 0 UID: 0 PID: 5829 Comm: sshd-session Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120\n __cant_migrate kernel/sched/core.c:8860 [inline]\n __cant_migrate+0x1c7/0x250 kernel/sched/core.c:8834\n __bpf_prog_run include/linux/filter.h:703 [inline]\n bpf_prog_run include/linux/filter.h:725 [inline]\n nf_hook_run_bpf+0x83/0x1e0 net/netfilter/nf_bpf_link.c:20\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:623\n nf_hook+0x370/0x680 include/linux/netfilter.h:272\n NF_HOOK_COND include/linux/netfilter.h:305 [inline]\n ip_output+0x1bc/0x2a0 net/ipv4/ip_output.c:433\n dst_output include/net/dst.h:459 [inline]\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n __ip_queue_xmit+0x1d7d/0x26c0 net/ipv4/ip_output.c:527\n __tcp_transmit_skb+0x2686/0x3e90 net/ipv4/tcp_output.c:1479\n tcp_transmit_skb net/ipv4/tcp_output.c:1497 [inline]\n tcp_write_xmit+0x1274/0x84e0 net/ipv4/tcp_output.c:2838\n __tcp_push_pending_frames+0xaf/0x390 net/ipv4/tcp_output.c:3021\n tcp_push+0x225/0x700 net/ipv4/tcp.c:759\n tcp_sendmsg_locked+0x1870/0x42b0 net/ipv4/tcp.c:1359\n tcp_sendmsg+0x2e/0x50 net/ipv4/tcp.c:1396\n inet_sendmsg+0xb9/0x140 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n sock_write_iter+0x4aa/0x5b0 net/socket.c:1131\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x6c7/0x1150 fs/read_write.c:686\n ksys_write+0x1f8/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe7d365d407\nCode: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff\nRSP:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38640",
"url": "https://www.suse.com/security/cve/CVE-2025-38640"
},
{
"category": "external",
"summary": "SUSE Bug 1248622 for CVE-2025-38640",
"url": "https://bugzilla.suse.com/1248622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38640"
},
{
"cve": "CVE-2025-38643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38643"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()\n\nCallers of wdev_chandef() must hold the wiphy mutex.\n\nBut the worker cfg80211_propagate_cac_done_wk() never takes the lock.\nWhich triggers the warning below with the mesh_peer_connected_dfs\ntest from hostapd and not (yet) released mac80211 code changes:\n\nWARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165\nModules linked in:\nCPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 Not tainted 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf\nWorkqueue: cfg80211 cfg80211_propagate_cac_done_wk\nStack:\n 00000000 00000001 ffffff00 6093267c\n 00000000 6002ec30 6d577c50 60037608\n 00000000 67e8d108 6063717b 00000000\nCall Trace:\n [\u003c6002ec30\u003e] ? _printk+0x0/0x98\n [\u003c6003c2b3\u003e] show_stack+0x10e/0x11a\n [\u003c6002ec30\u003e] ? _printk+0x0/0x98\n [\u003c60037608\u003e] dump_stack_lvl+0x71/0xb8\n [\u003c6063717b\u003e] ? wdev_chandef+0x60/0x165\n [\u003c6003766d\u003e] dump_stack+0x1e/0x20\n [\u003c6005d1b7\u003e] __warn+0x101/0x20f\n [\u003c6005d3a8\u003e] warn_slowpath_fmt+0xe3/0x15d\n [\u003c600b0c5c\u003e] ? mark_lock.part.0+0x0/0x4ec\n [\u003c60751191\u003e] ? __this_cpu_preempt_check+0x0/0x16\n [\u003c600b11a2\u003e] ? mark_held_locks+0x5a/0x6e\n [\u003c6005d2c5\u003e] ? warn_slowpath_fmt+0x0/0x15d\n [\u003c60052e53\u003e] ? unblock_signals+0x3a/0xe7\n [\u003c60052f2d\u003e] ? um_set_signals+0x2d/0x43\n [\u003c60751191\u003e] ? __this_cpu_preempt_check+0x0/0x16\n [\u003c607508b2\u003e] ? lock_is_held_type+0x207/0x21f\n [\u003c6063717b\u003e] wdev_chandef+0x60/0x165\n [\u003c605f89b4\u003e] regulatory_propagate_dfs_state+0x247/0x43f\n [\u003c60052f00\u003e] ? um_set_signals+0x0/0x43\n [\u003c605e6bfd\u003e] cfg80211_propagate_cac_done_wk+0x3a/0x4a\n [\u003c6007e460\u003e] process_scheduled_works+0x3bc/0x60e\n [\u003c6007d0ec\u003e] ? move_linked_works+0x4d/0x81\n [\u003c6007d120\u003e] ? assign_work+0x0/0xaa\n [\u003c6007f81f\u003e] worker_thread+0x220/0x2dc\n [\u003c600786ef\u003e] ? set_pf_worker+0x0/0x57\n [\u003c60087c96\u003e] ? to_kthread+0x0/0x43\n [\u003c6008ab3c\u003e] kthread+0x2d3/0x2e2\n [\u003c6007f5ff\u003e] ? worker_thread+0x0/0x2dc\n [\u003c6006c05b\u003e] ? calculate_sigpending+0x0/0x56\n [\u003c6003b37d\u003e] new_thread_handler+0x4a/0x64\nirq event stamp: 614611\nhardirqs last enabled at (614621): [\u003c00000000600bc96b\u003e] __up_console_sem+0x82/0xaf\nhardirqs last disabled at (614630): [\u003c00000000600bc92c\u003e] __up_console_sem+0x43/0xaf\nsoftirqs last enabled at (614268): [\u003c00000000606c55c6\u003e] __ieee80211_wake_queue+0x933/0x985\nsoftirqs last disabled at (614266): [\u003c00000000606c52d6\u003e] __ieee80211_wake_queue+0x643/0x985",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38643",
"url": "https://www.suse.com/security/cve/CVE-2025-38643"
},
{
"category": "external",
"summary": "SUSE Bug 1248681 for CVE-2025-38643",
"url": "https://bugzilla.suse.com/1248681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38643"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Check device memory pointer before usage\n\nAdd a NULL check before accessing device memory to prevent a crash if\ndev-\u003edm allocation in mlx5_init_once() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38645",
"url": "https://www.suse.com/security/cve/CVE-2025-38645"
},
{
"category": "external",
"summary": "SUSE Bug 1248626 for CVE-2025-38645",
"url": "https://bugzilla.suse.com/1248626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38645"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: No more self recovery\n\nWhen a node withdraws and it turns out that it is the only node that has\nthe filesystem mounted, gfs2 currently tries to replay the local journal\nto bring the filesystem back into a consistent state. Not only is that\na very bad idea, it has also never worked because gfs2_recover_func()\nwill refuse to do anything during a withdraw.\n\nHowever, before even getting to this point, gfs2_recover_func()\ndereferences sdp-\u003esd_jdesc-\u003ejd_inode. This was a use-after-free before\ncommit 04133b607a78 (\"gfs2: Prevent double iput for journal on error\")\nand is a NULL pointer dereference since then.\n\nSimply get rid of self recovery to fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38659",
"url": "https://www.suse.com/security/cve/CVE-2025-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1248639 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "external",
"summary": "SUSE Bug 1248759 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38659"
},
{
"cve": "CVE-2025-38660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n[ceph] parse_longname(): strrchr() expects NUL-terminated string\n\n... and parse_longname() is not guaranteed that. That\u0027s the reason\nwhy it uses kmemdup_nul() to build the argument for kstrtou64();\nthe problem is, kstrtou64() is not the only thing that need it.\n\nJust get a NUL-terminated copy of the entire thing and be done\nwith that...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38660",
"url": "https://www.suse.com/security/cve/CVE-2025-38660"
},
{
"category": "external",
"summary": "SUSE Bug 1248634 for CVE-2025-38660",
"url": "https://bugzilla.suse.com/1248634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38660"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix a null pointer dereference in ice_copy_and_init_pkg()\n\nAdd check for the return value of devm_kmemdup()\nto prevent potential null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38664",
"url": "https://www.suse.com/security/cve/CVE-2025-38664"
},
{
"category": "external",
"summary": "SUSE Bug 1248628 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "external",
"summary": "SUSE Bug 1248631 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38664"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: fix NULL dereference on unbind due to stale coupling data\n\nFailing to reset coupling_desc.n_coupled after freeing coupled_rdevs can\nlead to NULL pointer dereference when regulators are accessed post-unbind.\n\nThis can happen during runtime PM or other regulator operations that rely\non coupling metadata.\n\nFor example, on ridesx4, unbinding the \u0027reg-dummy\u0027 platform device triggers\na panic in regulator_lock_recursive() due to stale coupling state.\n\nEnsure n_coupled is set to 0 to prevent access to invalid pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38668",
"url": "https://www.suse.com/security/cve/CVE-2025-38668"
},
{
"category": "external",
"summary": "SUSE Bug 1248647 for CVE-2025-38668",
"url": "https://bugzilla.suse.com/1248647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38668"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
},
{
"cve": "CVE-2025-38676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Avoid stack buffer overflow from kernel cmdline\n\nWhile the kernel command line is considered trusted in most environments,\navoid writing 1 byte past the end of \"acpiid\" if the \"str\" argument is\nmaximum length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38676",
"url": "https://www.suse.com/security/cve/CVE-2025-38676"
},
{
"category": "external",
"summary": "SUSE Bug 1248775 for CVE-2025-38676",
"url": "https://bugzilla.suse.com/1248775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38676"
},
{
"cve": "CVE-2025-38678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject duplicate device on updates\n\nA chain/flowtable update with duplicated devices in the same batch is\npossible. Unfortunately, netdev event path only removes the first\ndevice that is found, leaving unregistered the hook of the duplicated\ndevice.\n\nCheck if a duplicated device exists in the transaction batch, bail out\nwith EEXIST in such case.\n\nWARNING is hit when unregistering the hook:\n\n [49042.221275] WARNING: CPU: 4 PID: 8425 at net/netfilter/core.c:340 nf_hook_entry_head+0xaa/0x150\n [49042.221375] CPU: 4 UID: 0 PID: 8425 Comm: nft Tainted: G S 6.16.0+ #170 PREEMPT(full)\n [...]\n [49042.221382] RIP: 0010:nf_hook_entry_head+0xaa/0x150",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38678",
"url": "https://www.suse.com/security/cve/CVE-2025-38678"
},
{
"category": "external",
"summary": "SUSE Bug 1249126 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "external",
"summary": "SUSE Bug 1249534 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38678"
},
{
"cve": "CVE-2025-38679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: Fix OOB read due to missing payload bound check\n\nCurrently, The event_seq_changed() handler processes a variable number\nof properties sent by the firmware. The number of properties is indicated\nby the firmware and used to iterate over the payload. However, the\npayload size is not being validated against the actual message length.\n\nThis can lead to out-of-bounds memory access if the firmware provides a\nproperty count that exceeds the data available in the payload. Such a\ncondition can result in kernel crashes or potential information leaks if\nmemory beyond the buffer is accessed.\n\nFix this by properly validating the remaining size of the payload before\neach property access and updating bounds accordingly as properties are\nparsed.\n\nThis ensures that property parsing is safely bounded within the received\nmessage buffer and protects against malformed or malicious firmware\nbehavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38679",
"url": "https://www.suse.com/security/cve/CVE-2025-38679"
},
{
"category": "external",
"summary": "SUSE Bug 1249202 for CVE-2025-38679",
"url": "https://bugzilla.suse.com/1249202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38679"
},
{
"cve": "CVE-2025-38684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: use old \u0027nbands\u0027 while purging unused classes\n\nShuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify()\nafter recent changes from Lion [2]. The problem is: in ets_qdisc_change()\nwe purge unused DWRR queues; the value of \u0027q-\u003enbands\u0027 is the new one, and\nthe cleanup should be done with the old one. The problem is here since my\nfirst attempts to fix ets_qdisc_change(), but it surfaced again after the\nrecent qdisc len accounting fixes. Fix it purging idle DWRR queues before\nassigning a new value of \u0027q-\u003enbands\u0027, so that all purge operations find a\nconsistent configuration:\n\n - old \u0027q-\u003enbands\u0027 because it\u0027s needed by ets_class_find()\n - old \u0027q-\u003enstrict\u0027 because it\u0027s needed by ets_class_is_strict()\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 62 UID: 0 PID: 39457 Comm: tc Kdump: loaded Not tainted 6.12.0-116.el10.x86_64 #1 PREEMPT(voluntary)\n Hardware name: Dell Inc. PowerEdge R640/06DKY5, BIOS 2.12.2 07/09/2021\n RIP: 0010:__list_del_entry_valid_or_report+0x4/0x80\n Code: ff 4c 39 c7 0f 84 39 19 8e ff b8 01 00 00 00 c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c48\u003e 8b 17 48 8b 4f 08 48 85 d2 0f 84 56 19 8e ff 48 85 c9 0f 84 ab\n RSP: 0018:ffffba186009f400 EFLAGS: 00010202\n RAX: 00000000000000d6 RBX: 0000000000000000 RCX: 0000000000000004\n RDX: ffff9f0fa29b69c0 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffffffc12c2400 R08: 0000000000000008 R09: 0000000000000004\n R10: ffffffffffffffff R11: 0000000000000004 R12: 0000000000000000\n R13: ffff9f0f8cfe0000 R14: 0000000000100005 R15: 0000000000000000\n FS: 00007f2154f37480(0000) GS:ffff9f269c1c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 00000001530be001 CR4: 00000000007726f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ets_class_qlen_notify+0x65/0x90 [sch_ets]\n qdisc_tree_reduce_backlog+0x74/0x110\n ets_qdisc_change+0x630/0xa40 [sch_ets]\n __tc_modify_qdisc.constprop.0+0x216/0x7f0\n tc_modify_qdisc+0x7c/0x120\n rtnetlink_rcv_msg+0x145/0x3f0\n netlink_rcv_skb+0x53/0x100\n netlink_unicast+0x245/0x390\n netlink_sendmsg+0x21b/0x470\n ____sys_sendmsg+0x39d/0x3d0\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xd0\n do_syscall_64+0x7d/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f2155114084\n Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d 25 f0 0c 00 00 74 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\n RSP: 002b:00007fff1fd7a988 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000560ec063e5e0 RCX: 00007f2155114084\n RDX: 0000000000000000 RSI: 00007fff1fd7a9f0 RDI: 0000000000000003\n RBP: 00007fff1fd7aa60 R08: 0000000000000010 R09: 000000000000003f\n R10: 0000560ee9b3a010 R11: 0000000000000202 R12: 00007fff1fd7aae0\n R13: 000000006891ccde R14: 0000560ec063e5e0 R15: 00007fff1fd7aad0\n \u003c/TASK\u003e\n\n [1] https://lore.kernel.org/netdev/e08c7f4a6882f260011909a868311c6e9b54f3e4.1639153474.git.dcaratti@redhat.com/\n [2] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38684",
"url": "https://www.suse.com/security/cve/CVE-2025-38684"
},
{
"category": "external",
"summary": "SUSE Bug 1249156 for CVE-2025-38684",
"url": "https://bugzilla.suse.com/1249156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38684"
},
{
"cve": "CVE-2025-38701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: do not BUG when INLINE_DATA_FL lacks system.data xattr\n\nA syzbot fuzzed image triggered a BUG_ON in ext4_update_inline_data()\nwhen an inode had the INLINE_DATA_FL flag set but was missing the\nsystem.data extended attribute.\n\nSince this can happen due to a maiciouly fuzzed file system, we\nshouldn\u0027t BUG, but rather, report it as a corrupted file system.\n\nAdd similar replacements of BUG_ON with EXT4_ERROR_INODE() ii\next4_create_inline_data() and ext4_inline_data_truncate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38701",
"url": "https://www.suse.com/security/cve/CVE-2025-38701"
},
{
"category": "external",
"summary": "SUSE Bug 1249258 for CVE-2025-38701",
"url": "https://bugzilla.suse.com/1249258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38701"
},
{
"cve": "CVE-2025-38703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Make dma-fences compliant with the safe access rules\n\nXe can free some of the data pointed to by the dma-fences it exports. Most\nnotably the timeline name can get freed if userspace closes the associated\nsubmit queue. At the same time the fence could have been exported to a\nthird party (for example a sync_fence fd) which will then cause an use-\nafter-free on subsequent access.\n\nTo make this safe we need to make the driver compliant with the newly\ndocumented dma-fence rules. Driver has to ensure a RCU grace period\nbetween signalling a fence and freeing any data pointed to by said fence.\n\nFor the timeline name we simply make the queue be freed via kfree_rcu and\nfor the shared lock associated with multiple queues we add a RCU grace\nperiod before freeing the per GT structure holding the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38703",
"url": "https://www.suse.com/security/cve/CVE-2025-38703"
},
{
"category": "external",
"summary": "SUSE Bug 1249193 for CVE-2025-38703",
"url": "https://bugzilla.suse.com/1249193"
},
{
"category": "external",
"summary": "SUSE Bug 1249763 for CVE-2025-38703",
"url": "https://bugzilla.suse.com/1249763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38703"
},
{
"cve": "CVE-2025-38705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix null pointer access\n\nWriting a string without delimiters (\u0027 \u0027, \u0027\\n\u0027, \u0027\\0\u0027) to the under\ngpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile\nwill result in a null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38705",
"url": "https://www.suse.com/security/cve/CVE-2025-38705"
},
{
"category": "external",
"summary": "SUSE Bug 1249334 for CVE-2025-38705",
"url": "https://bugzilla.suse.com/1249334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38705"
},
{
"cve": "CVE-2025-38709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38709"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: Avoid updating block size under exclusive owner\n\nSyzbot came up with a reproducer where a loop device block size is\nchanged underneath a mounted filesystem. This causes a mismatch between\nthe block device block size and the block size stored in the superblock\ncausing confusion in various places such as fs/buffer.c. The particular\nissue triggered by syzbot was a warning in __getblk_slow() due to\nrequested buffer size not matching block device block size.\n\nFix the problem by getting exclusive hold of the loop device to change\nits block size. This fails if somebody (such as filesystem) has already\nan exclusive ownership of the block device and thus prevents modifying\nthe loop device under some exclusive owner which doesn\u0027t expect it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38709",
"url": "https://www.suse.com/security/cve/CVE-2025-38709"
},
{
"category": "external",
"summary": "SUSE Bug 1249199 for CVE-2025-38709",
"url": "https://bugzilla.suse.com/1249199"
},
{
"category": "external",
"summary": "SUSE Bug 1249535 for CVE-2025-38709",
"url": "https://bugzilla.suse.com/1249535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38709"
},
{
"cve": "CVE-2025-38710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Validate i_depth for exhash directories\n\nA fuzzer test introduced corruption that ends up with a depth of 0 in\ndir_e_read(), causing an undefined shift by 32 at:\n\n index = hash \u003e\u003e (32 - dip-\u003ei_depth);\n\nAs calculated in an open-coded way in dir_make_exhash(), the minimum\ndepth for an exhash directory is ilog2(sdp-\u003esd_hash_ptrs) and 0 is\ninvalid as sdp-\u003esd_hash_ptrs is fixed as sdp-\u003ebsize / 16 at mount time.\n\nSo we can avoid the undefined behaviour by checking for depth values\nlower than the minimum in gfs2_dinode_in(). Values greater than the\nmaximum are already being checked for there.\n\nAlso switch the calculation in dir_make_exhash() to use ilog2() to\nclarify how the depth is calculated.\n\nTested with the syzkaller repro.c and xfstests \u0027-g quick\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38710",
"url": "https://www.suse.com/security/cve/CVE-2025-38710"
},
{
"category": "external",
"summary": "SUSE Bug 1249201 for CVE-2025-38710",
"url": "https://bugzilla.suse.com/1249201"
},
{
"category": "external",
"summary": "SUSE Bug 1249536 for CVE-2025-38710",
"url": "https://bugzilla.suse.com/1249536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-38710"
},
{
"cve": "CVE-2025-38721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: fix refcount leak on table dump\n\nThere is a reference count leak in ctnetlink_dump_table():\n if (res \u003c 0) {\n nf_conntrack_get(\u0026ct-\u003ect_general); // HERE\n cb-\u003eargs[1] = (unsigned long)ct;\n ...\n\nWhile its very unlikely, its possible that ct == last.\nIf this happens, then the refcount of ct was already incremented.\nThis 2nd increment is never undone.\n\nThis prevents the conntrack object from being released, which in turn\nkeeps prevents cnet-\u003ecount from dropping back to 0.\n\nThis will then block the netns dismantle (or conntrack rmmod) as\nnf_conntrack_cleanup_net_list() will wait forever.\n\nThis can be reproduced by running conntrack_resize.sh selftest in a loop.\nIt takes ~20 minutes for me on a preemptible kernel on average before\nI see a runaway kworker spinning in nf_conntrack_cleanup_net_list.\n\nOne fix would to change this to:\n if (res \u003c 0) {\n\t\tif (ct != last)\n\t nf_conntrack_get(\u0026ct-\u003ect_general);\n\nBut this reference counting isn\u0027t needed in the first place.\nWe can just store a cookie value instead.\n\nA followup patch will do the same for ctnetlink_exp_dump_table,\nit looks to me as if this has the same problem and like\nctnetlink_dump_table, we only need a \u0027skip hint\u0027, not the actual\nobject so we can apply the same cookie strategy there as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38721",
"url": "https://www.suse.com/security/cve/CVE-2025-38721"
},
{
"category": "external",
"summary": "SUSE Bug 1249176 for CVE-2025-38721",
"url": "https://bugzilla.suse.com/1249176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38721"
},
{
"cve": "CVE-2025-38722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhabanalabs: fix UAF in export_dmabuf()\n\nAs soon as we\u0027d inserted a file reference into descriptor table, another\nthread could close it. That\u0027s fine for the case when all we are doing is\nreturning that descriptor to userland (it\u0027s a race, but it\u0027s a userland\nrace and there\u0027s nothing the kernel can do about it). However, if we\nfollow fd_install() with any kind of access to objects that would be\ndestroyed on close (be it the struct file itself or anything destroyed\nby its -\u003erelease()), we have a UAF.\n\ndma_buf_fd() is a combination of reserving a descriptor and fd_install().\nhabanalabs export_dmabuf() calls it and then proceeds to access the\nobjects destroyed on close. In particular, it grabs an extra reference to\nanother struct file that will be dropped as part of -\u003erelease() for ours;\nthat \"will be\" is actually \"might have already been\".\n\nFix that by reserving descriptor before anything else and do fd_install()\nonly when everything had been set up. As a side benefit, we no longer\nhave the failure exit with file already created, but reference to\nunderlying file (as well as -\u003edmabuf_export_cnt, etc.) not grabbed yet;\nunlike dma_buf_fd(), fd_install() can\u0027t fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38722",
"url": "https://www.suse.com/security/cve/CVE-2025-38722"
},
{
"category": "external",
"summary": "SUSE Bug 1249163 for CVE-2025-38722",
"url": "https://bugzilla.suse.com/1249163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38722"
},
{
"cve": "CVE-2025-38730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: commit partial buffers on retry\n\nRing provided buffers are potentially only valid within the single\nexecution context in which they were acquired. io_uring deals with this\nand invalidates them on retry. But on the networking side, if\nMSG_WAITALL is set, or if the socket is of the streaming type and too\nlittle was processed, then it will hang on to the buffer rather than\nrecycle or commit it. This is problematic for two reasons:\n\n1) If someone unregisters the provided buffer ring before a later retry,\n then the req-\u003ebuf_list will no longer be valid.\n\n2) If multiple sockers are using the same buffer group, then multiple\n receives can consume the same memory. This can cause data corruption\n in the application, as either receive could land in the same\n userspace buffer.\n\nFix this by disallowing partial retries from pinning a provided buffer\nacross multiple executions, if ring provided buffers are used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38730",
"url": "https://www.suse.com/security/cve/CVE-2025-38730"
},
{
"category": "external",
"summary": "SUSE Bug 1249172 for CVE-2025-38730",
"url": "https://bugzilla.suse.com/1249172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38730"
},
{
"cve": "CVE-2025-38732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject: don\u0027t leak dst refcount for loopback packets\n\nrecent patches to add a WARN() when replacing skb dst entry found an\nold bug:\n\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\n[..]\nCall Trace:\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\n ..\n\nThis is because blamed commit forgot about loopback packets.\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\n\nInstead of checking hook just check if the skb already has a route\nattached to it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38732",
"url": "https://www.suse.com/security/cve/CVE-2025-38732"
},
{
"category": "external",
"summary": "SUSE Bug 1249262 for CVE-2025-38732",
"url": "https://bugzilla.suse.com/1249262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-38732"
},
{
"cve": "CVE-2025-39677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39677"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Fix backlog accounting in qdisc_dequeue_internal\n\nThis issue applies for the following qdiscs: hhf, fq, fq_codel, and\nfq_pie, and occurs in their change handlers when adjusting to the new\nlimit. The problem is the following in the values passed to the\nsubsequent qdisc_tree_reduce_backlog call given a tbf parent:\n\n When the tbf parent runs out of tokens, skbs of these qdiscs will\n be placed in gso_skb. Their peek handlers are qdisc_peek_dequeued,\n which accounts for both qlen and backlog. However, in the case of\n qdisc_dequeue_internal, ONLY qlen is accounted for when pulling\n from gso_skb. This means that these qdiscs are missing a\n qdisc_qstats_backlog_dec when dropping packets to satisfy the\n new limit in their change handlers.\n\n One can observe this issue with the following (with tc patched to\n support a limit of 0):\n\n export TARGET=fq\n tc qdisc del dev lo root\n tc qdisc add dev lo root handle 1: tbf rate 8bit burst 100b latency 1ms\n tc qdisc replace dev lo handle 3: parent 1:1 $TARGET limit 1000\n echo \u0027\u0027; echo \u0027add child\u0027; tc -s -d qdisc show dev lo\n ping -I lo -f -c2 -s32 -W0.001 127.0.0.1 2\u003e\u00261 \u003e/dev/null\n echo \u0027\u0027; echo \u0027after ping\u0027; tc -s -d qdisc show dev lo\n tc qdisc change dev lo handle 3: parent 1:1 $TARGET limit 0\n echo \u0027\u0027; echo \u0027after limit drop\u0027; tc -s -d qdisc show dev lo\n tc qdisc replace dev lo handle 2: parent 1:1 sfq\n echo \u0027\u0027; echo \u0027post graft\u0027; tc -s -d qdisc show dev lo\n\n The second to last show command shows 0 packets but a positive\n number (74) of backlog bytes. The problem becomes clearer in the\n last show command, where qdisc_purge_queue triggers\n qdisc_tree_reduce_backlog with the positive backlog and causes an\n underflow in the tbf parent\u0027s backlog (4096 Mb instead of 0).\n\nTo fix this issue, the codepath for all clients of qdisc_dequeue_internal\nhas been simplified: codel, pie, hhf, fq, fq_pie, and fq_codel.\nqdisc_dequeue_internal handles the backlog adjustments for all cases that\ndo not directly use the dequeue handler.\n\nThe old fq_codel_change limit adjustment loop accumulated the arguments to\nthe subsequent qdisc_tree_reduce_backlog call through the cstats field.\nHowever, this is confusing and error prone as fq_codel_dequeue could also\npotentially mutate this field (which qdisc_dequeue_internal calls in the\nnon gso_skb case), so we have unified the code here with other qdiscs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39677",
"url": "https://www.suse.com/security/cve/CVE-2025-39677"
},
{
"category": "external",
"summary": "SUSE Bug 1249300 for CVE-2025-39677",
"url": "https://bugzilla.suse.com/1249300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39677"
},
{
"cve": "CVE-2025-39678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL\n\nIf metric table address is not allocated, accessing metrics_bin will\nresult in a NULL pointer dereference, so add a check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39678",
"url": "https://www.suse.com/security/cve/CVE-2025-39678"
},
{
"category": "external",
"summary": "SUSE Bug 1249290 for CVE-2025-39678",
"url": "https://bugzilla.suse.com/1249290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39678"
},
{
"cve": "CVE-2025-39681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper\n\nSince\n\n 923f3a2b48bd (\"x86/resctrl: Query LLC monitoring properties once during boot\")\n\nresctrl_cpu_detect() has been moved from common CPU initialization code to\nthe vendor-specific BSP init helper, while Hygon didn\u0027t put that call in their\ncode.\n\nThis triggers a division by zero fault during early booting stage on our\nmachines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries\nto calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale.\n\nAdd the missing resctrl_cpu_detect() in the Hygon BSP init helper.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39681",
"url": "https://www.suse.com/security/cve/CVE-2025-39681"
},
{
"category": "external",
"summary": "SUSE Bug 1249303 for CVE-2025-39681",
"url": "https://bugzilla.suse.com/1249303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39681"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-39691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/buffer: fix use-after-free when call bh_read() helper\n\nThere\u0027s issue as follows:\nBUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110\nRead of size 8 at addr ffffc9000168f7f8 by task swapper/3/0\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.16.0-862.14.0.6.x86_64\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x2c/0x390\n print_report+0xb4/0x270\n kasan_report+0xb8/0xf0\n end_buffer_read_sync+0xe3/0x110\n end_bio_bh_io_sync+0x56/0x80\n blk_update_request+0x30a/0x720\n scsi_end_request+0x51/0x2b0\n scsi_io_completion+0xe3/0x480\n ? scsi_device_unbusy+0x11e/0x160\n blk_complete_reqs+0x7b/0x90\n handle_softirqs+0xef/0x370\n irq_exit_rcu+0xa5/0xd0\n sysvec_apic_timer_interrupt+0x6e/0x90\n \u003c/IRQ\u003e\n\n Above issue happens when do ntfs3 filesystem mount, issue may happens\n as follows:\n mount IRQ\nntfs_fill_super\n read_cache_page\n do_read_cache_folio\n filemap_read_folio\n mpage_read_folio\n\t do_mpage_readpage\n\t ntfs_get_block_vbo\n\t bh_read\n\t submit_bh\n\t wait_on_buffer(bh);\n\t blk_complete_reqs\n\t\t\t\t scsi_io_completion\n\t\t\t\t scsi_end_request\n\t\t\t\t blk_update_request\n\t\t\t\t end_bio_bh_io_sync\n\t\t\t\t\t end_buffer_read_sync\n\t\t\t\t\t __end_buffer_read_notouch\n\t\t\t\t\t unlock_buffer\n\n wait_on_buffer(bh);--\u003e return will return to caller\n\n\t\t\t\t\t put_bh\n\t\t\t\t\t --\u003e trigger stack-out-of-bounds\nIn the mpage_read_folio() function, the stack variable \u0027map_bh\u0027 is\npassed to ntfs_get_block_vbo(). Once unlock_buffer() unlocks and\nwait_on_buffer() returns to continue processing, the stack variable\nis likely to be reclaimed. Consequently, during the end_buffer_read_sync()\nprocess, calling put_bh() may result in stack overrun.\n\nIf the bh is not allocated on the stack, it belongs to a folio. Freeing\na buffer head which belongs to a folio is done by drop_buffers() which\nwill fail to free buffers which are still locked. So it is safe to call\nput_bh() before __end_buffer_read_notouch().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39691",
"url": "https://www.suse.com/security/cve/CVE-2025-39691"
},
{
"category": "external",
"summary": "SUSE Bug 1249374 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "external",
"summary": "SUSE Bug 1249392 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39691"
},
{
"cve": "CVE-2025-39695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Flush delayed SKBs while releasing RXE resources\n\nWhen skb packets are sent out, these skb packets still depends on\nthe rxe resources, for example, QP, sk, when these packets are\ndestroyed.\n\nIf these rxe resources are released when the skb packets are destroyed,\nthe call traces will appear.\n\nTo avoid skb packets hang too long time in some network devices,\na timestamp is added when these skb packets are created. If these\nskb packets hang too long time in network devices, these network\ndevices can free these skb packets to release rxe resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39695",
"url": "https://www.suse.com/security/cve/CVE-2025-39695"
},
{
"category": "external",
"summary": "SUSE Bug 1249306 for CVE-2025-39695",
"url": "https://bugzilla.suse.com/1249306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39695"
},
{
"cve": "CVE-2025-39703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet, hsr: reject HSR frame if skb can\u0027t hold tag\n\nReceiving HSR frame with insufficient space to hold HSR tag in the skb\ncan result in a crash (kernel BUG):\n\n[ 45.390915] skbuff: skb_under_panic: text:ffffffff86f32cac len:26 put:14 head:ffff888042418000 data:ffff888042417ff4 tail:0xe end:0x180 dev:bridge_slave_1\n[ 45.392559] ------------[ cut here ]------------\n[ 45.392912] kernel BUG at net/core/skbuff.c:211!\n[ 45.393276] Oops: invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 45.393809] CPU: 1 UID: 0 PID: 2496 Comm: reproducer Not tainted 6.15.0 #12 PREEMPT(undef)\n[ 45.394433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 45.395273] RIP: 0010:skb_panic+0x15b/0x1d0\n\n\u003csnip registers, remove unreliable trace\u003e\n\n[ 45.402911] Call Trace:\n[ 45.403105] \u003cIRQ\u003e\n[ 45.404470] skb_push+0xcd/0xf0\n[ 45.404726] br_dev_queue_push_xmit+0x7c/0x6c0\n[ 45.406513] br_forward_finish+0x128/0x260\n[ 45.408483] __br_forward+0x42d/0x590\n[ 45.409464] maybe_deliver+0x2eb/0x420\n[ 45.409763] br_flood+0x174/0x4a0\n[ 45.410030] br_handle_frame_finish+0xc7c/0x1bc0\n[ 45.411618] br_handle_frame+0xac3/0x1230\n[ 45.413674] __netif_receive_skb_core.constprop.0+0x808/0x3df0\n[ 45.422966] __netif_receive_skb_one_core+0xb4/0x1f0\n[ 45.424478] __netif_receive_skb+0x22/0x170\n[ 45.424806] process_backlog+0x242/0x6d0\n[ 45.425116] __napi_poll+0xbb/0x630\n[ 45.425394] net_rx_action+0x4d1/0xcc0\n[ 45.427613] handle_softirqs+0x1a4/0x580\n[ 45.427926] do_softirq+0x74/0x90\n[ 45.428196] \u003c/IRQ\u003e\n\nThis issue was found by syzkaller.\n\nThe panic happens in br_dev_queue_push_xmit() once it receives a\ncorrupted skb with ETH header already pushed in linear data. When it\nattempts the skb_push() call, there\u0027s not enough headroom and\nskb_push() panics.\n\nThe corrupted skb is put on the queue by HSR layer, which makes a\nsequence of unintended transformations when it receives a specific\ncorrupted HSR frame (with incomplete TAG).\n\nFix it by dropping and consuming frames that are not long enough to\ncontain both ethernet and hsr headers.\n\nAlternative fix would be to check for enough headroom before skb_push()\nin br_dev_queue_push_xmit().\n\nIn the reproducer, this is injected via AF_PACKET, but I don\u0027t easily\nsee why it couldn\u0027t be sent over the wire from adjacent network.\n\nFurther Details:\n\nIn the reproducer, the following network interface chain is set up:\n\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth0_to_hsr \u251c\u2500\u2500\u2500\u2524 hsr_slave0 \u253c\u2500\u2500\u2500\u2510\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2510\n \u251c\u2500\u2524 hsr0 \u251c\u2500\u2500\u2500\u2510\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 | | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth1_to_hsr \u253c\u2500\u2500\u2500\u2524 hsr_slave1 \u251c\u2500\u2500\u2500\u2518 \u2524 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u253c bridge |\n || |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 |\n | ... \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\nTo trigger the events leading up to crash, reproducer sends a corrupted\nHSR fr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39703",
"url": "https://www.suse.com/security/cve/CVE-2025-39703"
},
{
"category": "external",
"summary": "SUSE Bug 1249315 for CVE-2025-39703",
"url": "https://bugzilla.suse.com/1249315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39703"
},
{
"cve": "CVE-2025-39705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a Null pointer dereference vulnerability\n\n[Why]\nA null pointer dereference vulnerability exists in the AMD display driver\u0027s\n(DC module) cleanup function dc_destruct().\nWhen display control context (dc-\u003ectx) construction fails\n(due to memory allocation failure), this pointer remains NULL.\nDuring subsequent error handling when dc_destruct() is called,\nthere\u0027s no NULL check before dereferencing the perf_trace member\n(dc-\u003ectx-\u003eperf_trace), causing a kernel null pointer dereference crash.\n\n[How]\nCheck if dc-\u003ectx is non-NULL before dereferencing.\n\n(Updated commit text and removed unnecessary error message)\n(cherry picked from commit 9dd8e2ba268c636c240a918e0a31e6feaee19404)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39705",
"url": "https://www.suse.com/security/cve/CVE-2025-39705"
},
{
"category": "external",
"summary": "SUSE Bug 1249295 for CVE-2025-39705",
"url": "https://bugzilla.suse.com/1249295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39705"
},
{
"cve": "CVE-2025-39707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities\n\nHUBBUB structure is not initialized on DCE hardware, so check if it is NULL\nto avoid null dereference while accessing amdgpu_dm_capabilities file in\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39707",
"url": "https://www.suse.com/security/cve/CVE-2025-39707"
},
{
"category": "external",
"summary": "SUSE Bug 1249333 for CVE-2025-39707",
"url": "https://bugzilla.suse.com/1249333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39707"
},
{
"cve": "CVE-2025-39711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls\n\nBoth the ACE and CSI driver are missing a mei_cldev_disable() call in\ntheir remove() function.\n\nThis causes the mei_cl client to stay part of the mei_device-\u003efile_list\nlist even though its memory is freed by mei_cl_bus_dev_release() calling\nkfree(cldev-\u003ecl).\n\nThis leads to a use-after-free when mei_vsc_remove() runs mei_stop()\nwhich first removes all mei bus devices calling mei_ace_remove() and\nmei_csi_remove() followed by mei_cl_bus_dev_release() and then calls\nmei_cl_all_disconnect() which walks over mei_device-\u003efile_list dereferecing\nthe just freed cldev-\u003ecl.\n\nAnd mei_vsc_remove() it self is run at shutdown because of the\nplatform_device_unregister(tp-\u003epdev) in vsc_tp_shutdown()\n\nWhen building a kernel with KASAN this leads to the following KASAN report:\n\n[ 106.634504] ==================================================================\n[ 106.634623] BUG: KASAN: slab-use-after-free in mei_cl_set_disconnected (drivers/misc/mei/client.c:783) mei\n[ 106.634683] Read of size 4 at addr ffff88819cb62018 by task systemd-shutdow/1\n[ 106.634729]\n[ 106.634767] Tainted: [E]=UNSIGNED_MODULE\n[ 106.634770] Hardware name: Dell Inc. XPS 16 9640/09CK4V, BIOS 1.12.0 02/10/2025\n[ 106.634773] Call Trace:\n[ 106.634777] \u003cTASK\u003e\n...\n[ 106.634871] kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n[ 106.634901] mei_cl_set_disconnected (drivers/misc/mei/client.c:783) mei\n[ 106.634921] mei_cl_all_disconnect (drivers/misc/mei/client.c:2165 (discriminator 4)) mei\n[ 106.634941] mei_reset (drivers/misc/mei/init.c:163) mei\n...\n[ 106.635042] mei_stop (drivers/misc/mei/init.c:348) mei\n[ 106.635062] mei_vsc_remove (drivers/misc/mei/mei_dev.h:784 drivers/misc/mei/platform-vsc.c:393) mei_vsc\n[ 106.635066] platform_remove (drivers/base/platform.c:1424)\n\nAdd the missing mei_cldev_disable() calls so that the mei_cl gets removed\nfrom mei_device-\u003efile_list before it is freed to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39711",
"url": "https://www.suse.com/security/cve/CVE-2025-39711"
},
{
"category": "external",
"summary": "SUSE Bug 1249274 for CVE-2025-39711",
"url": "https://bugzilla.suse.com/1249274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39711"
},
{
"cve": "CVE-2025-39718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Validate length in packet header before skb_put()\n\nWhen receiving a vsock packet in the guest, only the virtqueue buffer\nsize is validated prior to virtio_vsock_skb_rx_put(). Unfortunately,\nvirtio_vsock_skb_rx_put() uses the length from the packet header as the\nlength argument to skb_put(), potentially resulting in SKB overflow if\nthe host has gone wonky.\n\nValidate the length as advertised by the packet header before calling\nvirtio_vsock_skb_rx_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39718",
"url": "https://www.suse.com/security/cve/CVE-2025-39718"
},
{
"category": "external",
"summary": "SUSE Bug 1249305 for CVE-2025-39718",
"url": "https://bugzilla.suse.com/1249305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39718"
},
{
"cve": "CVE-2025-39738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not allow relocation of partially dropped subvolumes\n\n[BUG]\nThere is an internal report that balance triggered transaction abort,\nwith the following call trace:\n\n item 85 key (594509824 169 0) itemoff 12599 itemsize 33\n extent refs 1 gen 197740 flags 2\n ref#0: tree block backref root 7\n item 86 key (594558976 169 0) itemoff 12566 itemsize 33\n extent refs 1 gen 197522 flags 2\n ref#0: tree block backref root 7\n ...\n BTRFS error (device loop0): extent item not found for insert, bytenr 594526208 num_bytes 16384 parent 449921024 root_objectid 934 owner 1 offset 0\n BTRFS error (device loop0): failed to run delayed ref for logical 594526208 num_bytes 16384 type 182 action 1 ref_mod 1: -117\n ------------[ cut here ]------------\n BTRFS: Transaction aborted (error -117)\n WARNING: CPU: 1 PID: 6963 at ../fs/btrfs/extent-tree.c:2168 btrfs_run_delayed_refs+0xfa/0x110 [btrfs]\n\nAnd btrfs check doesn\u0027t report anything wrong related to the extent\ntree.\n\n[CAUSE]\nThe cause is a little complex, firstly the extent tree indeed doesn\u0027t\nhave the backref for 594526208.\n\nThe extent tree only have the following two backrefs around that bytenr\non-disk:\n\n item 65 key (594509824 METADATA_ITEM 0) itemoff 13880 itemsize 33\n refs 1 gen 197740 flags TREE_BLOCK\n tree block skinny level 0\n (176 0x7) tree block backref root CSUM_TREE\n item 66 key (594558976 METADATA_ITEM 0) itemoff 13847 itemsize 33\n refs 1 gen 197522 flags TREE_BLOCK\n tree block skinny level 0\n (176 0x7) tree block backref root CSUM_TREE\n\nBut the such missing backref item is not an corruption on disk, as the\noffending delayed ref belongs to subvolume 934, and that subvolume is\nbeing dropped:\n\n item 0 key (934 ROOT_ITEM 198229) itemoff 15844 itemsize 439\n generation 198229 root_dirid 256 bytenr 10741039104 byte_limit 0 bytes_used 345571328\n last_snapshot 198229 flags 0x1000000000001(RDONLY) refs 0\n drop_progress key (206324 EXTENT_DATA 2711650304) drop_level 2\n level 2 generation_v2 198229\n\nAnd that offending tree block 594526208 is inside the dropped range of\nthat subvolume. That explains why there is no backref item for that\nbytenr and why btrfs check is not reporting anything wrong.\n\nBut this also shows another problem, as btrfs will do all the orphan\nsubvolume cleanup at a read-write mount.\n\nSo half-dropped subvolume should not exist after an RW mount, and\nbalance itself is also exclusive to subvolume cleanup, meaning we\nshouldn\u0027t hit a subvolume half-dropped during relocation.\n\nThe root cause is, there is no orphan item for this subvolume.\nIn fact there are 5 subvolumes from around 2021 that have the same\nproblem.\n\nIt looks like the original report has some older kernels running, and\ncaused those zombie subvolumes.\n\nThankfully upstream commit 8d488a8c7ba2 (\"btrfs: fix subvolume/snapshot\ndeletion not triggered on mount\") has long fixed the bug.\n\n[ENHANCEMENT]\nFor repairing such old fs, btrfs-progs will be enhanced.\n\nConsidering how delayed the problem will show up (at run delayed ref\ntime) and at that time we have to abort transaction already, it is too\nlate.\n\nInstead here we reject any half-dropped subvolume for reloc tree at the\nearliest time, preventing confusion and extra time wasted on debugging\nsimilar bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39738",
"url": "https://www.suse.com/security/cve/CVE-2025-39738"
},
{
"category": "external",
"summary": "SUSE Bug 1249540 for CVE-2025-39738",
"url": "https://bugzilla.suse.com/1249540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39738"
},
{
"cve": "CVE-2025-39744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Fix rcu_read_unlock() deadloop due to IRQ work\n\nDuring rcu_read_unlock_special(), if this happens during irq_exit(), we\ncan lockup if an IPI is issued. This is because the IPI itself triggers\nthe irq_exit() path causing a recursive lock up.\n\nThis is precisely what Xiongfeng found when invoking a BPF program on\nthe trace_tick_stop() tracepoint As shown in the trace below. Fix by\nmanaging the irq_work state correctly.\n\nirq_exit()\n __irq_exit_rcu()\n /* in_hardirq() returns false after this */\n preempt_count_sub(HARDIRQ_OFFSET)\n tick_irq_exit()\n tick_nohz_irq_exit()\n\t tick_nohz_stop_sched_tick()\n\t trace_tick_stop() /* a bpf prog is hooked on this trace point */\n\t\t __bpf_trace_tick_stop()\n\t\t bpf_trace_run2()\n\t\t\t rcu_read_unlock_special()\n /* will send a IPI to itself */\n\t\t\t irq_work_queue_on(\u0026rdp-\u003edefer_qs_iw, rdp-\u003ecpu);\n\nA simple reproducer can also be obtained by doing the following in\ntick_irq_exit(). It will hang on boot without the patch:\n\n static inline void tick_irq_exit(void)\n {\n +\trcu_read_lock();\n +\tWRITE_ONCE(current-\u003ercu_read_unlock_special.b.need_qs, true);\n +\trcu_read_unlock();\n +\n\n[neeraj: Apply Frederic\u0027s suggested fix for PREEMPT_RT]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39744",
"url": "https://www.suse.com/security/cve/CVE-2025-39744"
},
{
"category": "external",
"summary": "SUSE Bug 1249494 for CVE-2025-39744",
"url": "https://bugzilla.suse.com/1249494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39744"
},
{
"cve": "CVE-2025-39746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39746"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: shutdown driver when hardware is unreliable\n\nIn rare cases, ath10k may lose connection with the PCIe bus due to\nsome unknown reasons, which could further lead to system crashes during\nresuming due to watchdog timeout:\n\nath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware\nath10k_pci 0000:01:00.0: already restarting\nath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11\nath10k_pci 0000:01:00.0: failed to stop vdev 0: -11\nieee80211 phy0: PM: **** DPM device timeout ****\nCall Trace:\n panic+0x125/0x315\n dpm_watchdog_set+0x54/0x54\n dpm_watchdog_handler+0x57/0x57\n call_timer_fn+0x31/0x13c\n\nAt this point, all WMI commands will timeout and attempt to restart\ndevice. So set a threshold for consecutive restart failures. If the\nthreshold is exceeded, consider the hardware is unreliable and all\nath10k operations should be skipped to avoid system crash.\n\nfail_cont_count and pending_recovery are atomic variables, and\ndo not involve complex conditional logic. Therefore, even if recovery\ncheck and reconfig complete are executed concurrently, the recovery\nmechanism will not be broken.\n\nTested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39746",
"url": "https://www.suse.com/security/cve/CVE-2025-39746"
},
{
"category": "external",
"summary": "SUSE Bug 1249516 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "external",
"summary": "SUSE Bug 1249517 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39746"
},
{
"cve": "CVE-2025-39747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Add error handling for krealloc in metadata setup\n\nFunction msm_ioctl_gem_info_set_metadata() now checks for krealloc\nfailure and returns -ENOMEM, avoiding potential NULL pointer dereference.\nExplicitly avoids __GFP_NOFAIL due to deadlock risks and allocation constraints.\n\nPatchwork: https://patchwork.freedesktop.org/patch/661235/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39747",
"url": "https://www.suse.com/security/cve/CVE-2025-39747"
},
{
"category": "external",
"summary": "SUSE Bug 1249566 for CVE-2025-39747",
"url": "https://bugzilla.suse.com/1249566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39747"
},
{
"cve": "CVE-2025-39749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Protect -\u003edefer_qs_iw_pending from data race\n\nOn kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is\ninvoked within an interrupts-disabled region of code [1], it will invoke\nrcu_read_unlock_special(), which uses an irq-work handler to force the\nsystem to notice when the RCU read-side critical section actually ends.\nThat end won\u0027t happen until interrupts are enabled at the soonest.\n\nIn some kernels, such as those booted with rcutree.use_softirq=y, the\nirq-work handler is used unconditionally.\n\nThe per-CPU rcu_data structure\u0027s -\u003edefer_qs_iw_pending field is\nupdated by the irq-work handler and is both read and updated by\nrcu_read_unlock_special(). This resulted in the following KCSAN splat:\n\n------------------------------------------------------------------------\n\nBUG: KCSAN: data-race in rcu_preempt_deferred_qs_handler / rcu_read_unlock_special\n\nread to 0xffff96b95f42d8d8 of 1 bytes by task 90 on cpu 8:\n rcu_read_unlock_special+0x175/0x260\n __rcu_read_unlock+0x92/0xa0\n rt_spin_unlock+0x9b/0xc0\n __local_bh_enable+0x10d/0x170\n __local_bh_enable_ip+0xfb/0x150\n rcu_do_batch+0x595/0xc40\n rcu_cpu_kthread+0x4e9/0x830\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nwrite to 0xffff96b95f42d8d8 of 1 bytes by task 88 on cpu 8:\n rcu_preempt_deferred_qs_handler+0x1e/0x30\n irq_work_single+0xaf/0x160\n run_irq_workd+0x91/0xc0\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nno locks held by irq_work/8/88.\nirq event stamp: 200272\nhardirqs last enabled at (200272): [\u003cffffffffb0f56121\u003e] finish_task_switch+0x131/0x320\nhardirqs last disabled at (200271): [\u003cffffffffb25c7859\u003e] __schedule+0x129/0xd70\nsoftirqs last enabled at (0): [\u003cffffffffb0ee093f\u003e] copy_process+0x4df/0x1cc0\nsoftirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n\n------------------------------------------------------------------------\n\nThe problem is that irq-work handlers run with interrupts enabled, which\nmeans that rcu_preempt_deferred_qs_handler() could be interrupted,\nand that interrupt handler might contain an RCU read-side critical\nsection, which might invoke rcu_read_unlock_special(). In the strict\nKCSAN mode of operation used by RCU, this constitutes a data race on\nthe -\u003edefer_qs_iw_pending field.\n\nThis commit therefore disables interrupts across the portion of the\nrcu_preempt_deferred_qs_handler() that updates the -\u003edefer_qs_iw_pending\nfield. This suffices because this handler is not a fast path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39749",
"url": "https://www.suse.com/security/cve/CVE-2025-39749"
},
{
"category": "external",
"summary": "SUSE Bug 1249533 for CVE-2025-39749",
"url": "https://bugzilla.suse.com/1249533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39749"
},
{
"cve": "CVE-2025-39754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/smaps: fix race between smaps_hugetlb_range and migration\n\nsmaps_hugetlb_range() handles the pte without holdling ptl, and may be\nconcurrenct with migration, leaing to BUG_ON in pfn_swap_entry_to_page(). \nThe race is as follows.\n\nsmaps_hugetlb_range migrate_pages\n huge_ptep_get\n remove_migration_ptes\n\t\t\t\t folio_unlock\n pfn_swap_entry_folio\n BUG_ON\n\nTo fix it, hold ptl lock in smaps_hugetlb_range().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39754",
"url": "https://www.suse.com/security/cve/CVE-2025-39754"
},
{
"category": "external",
"summary": "SUSE Bug 1249524 for CVE-2025-39754",
"url": "https://bugzilla.suse.com/1249524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39754"
},
{
"cve": "CVE-2025-39764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: remove refcounting in expectation dumpers\n\nSame pattern as previous patch: do not keep the expectation object\nalive via refcount, only store a cookie value and then use that\nas the skip hint for dump resumption.\n\nAFAICS this has the same issue as the one resolved in the conntrack\ndumper, when we do\n if (!refcount_inc_not_zero(\u0026exp-\u003euse))\n\nto increment the refcount, there is a chance that exp == last, which\ncauses a double-increment of the refcount and subsequent memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39764",
"url": "https://www.suse.com/security/cve/CVE-2025-39764"
},
{
"category": "external",
"summary": "SUSE Bug 1249513 for CVE-2025-39764",
"url": "https://bugzilla.suse.com/1249513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39764"
},
{
"cve": "CVE-2025-39766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit\n\nThe following setup can trigger a WARNING in htb_activate due to\nthe condition: !cl-\u003eleaf.q-\u003eq.qlen\n\ntc qdisc del dev lo root\ntc qdisc add dev lo root handle 1: htb default 1\ntc class add dev lo parent 1: classid 1:1 \\\n htb rate 64bit\ntc qdisc add dev lo parent 1:1 handle f: \\\n cake memlimit 1b\nping -I lo -f -c1 -s64 -W0.001 127.0.0.1\n\nThis is because the low memlimit leads to a low buffer_limit, which\ncauses packet dropping. However, cake_enqueue still returns\nNET_XMIT_SUCCESS, causing htb_enqueue to call htb_activate with an\nempty child qdisc. We should return NET_XMIT_CN when packets are\ndropped from the same tin and flow.\n\nI do not believe return value of NET_XMIT_CN is necessary for packet\ndrops in the case of ack filtering, as that is meant to optimize\nperformance, not to signal congestion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39766",
"url": "https://www.suse.com/security/cve/CVE-2025-39766"
},
{
"category": "external",
"summary": "SUSE Bug 1249510 for CVE-2025-39766",
"url": "https://bugzilla.suse.com/1249510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39766"
},
{
"cve": "CVE-2025-39770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM\n\nWhen performing Generic Segmentation Offload (GSO) on an IPv6 packet that\ncontains extension headers, the kernel incorrectly requests checksum offload\nif the egress device only advertises NETIF_F_IPV6_CSUM feature, which has\na strict contract: it supports checksum offload only for plain TCP or UDP\nover IPv6 and explicitly does not support packets with extension headers.\nThe current GSO logic violates this contract by failing to disable the feature\nfor packets with extension headers, such as those used in GREoIPv6 tunnels.\n\nThis violation results in the device being asked to perform an operation\nit cannot support, leading to a `skb_warn_bad_offload` warning and a collapse\nof network throughput. While device TSO/USO is correctly bypassed in favor\nof software GSO for these packets, the GSO stack must be explicitly told not\nto request checksum offload.\n\nMask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4\nin gso_features_check if the IPv6 header contains extension headers to compute\nchecksum in software.\n\nThe exception is a BIG TCP extension, which, as stated in commit\n68e068cabd2c6c53 (\"net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\"):\n\"The feature is only enabled on devices that support BIG TCP TSO.\nThe header is only present for PF_PACKET taps like tcpdump,\nand not transmitted by physical devices.\"\n\nkernel log output (truncated):\nWARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140\n...\nCall Trace:\n \u003cTASK\u003e\n skb_checksum_help+0x12a/0x1f0\n validate_xmit_skb+0x1a3/0x2d0\n validate_xmit_skb_list+0x4f/0x80\n sch_direct_xmit+0x1a2/0x380\n __dev_xmit_skb+0x242/0x670\n __dev_queue_xmit+0x3fc/0x7f0\n ip6_finish_output2+0x25e/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel]\n ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre]\n dev_hard_start_xmit+0x63/0x1c0\n __dev_queue_xmit+0x6d0/0x7f0\n ip6_finish_output2+0x214/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n inet6_csk_xmit+0xeb/0x150\n __tcp_transmit_skb+0x555/0xa80\n tcp_write_xmit+0x32a/0xe90\n tcp_sendmsg_locked+0x437/0x1110\n tcp_sendmsg+0x2f/0x50\n...\nskb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e\nskb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00\nskb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00\nskb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00\nskb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9\nskb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01\nskb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39770",
"url": "https://www.suse.com/security/cve/CVE-2025-39770"
},
{
"category": "external",
"summary": "SUSE Bug 1249508 for CVE-2025-39770",
"url": "https://bugzilla.suse.com/1249508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39770"
},
{
"cve": "CVE-2025-39773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix soft lockup in br_multicast_query_expired()\n\nWhen set multicast_query_interval to a large value, the local variable\n\u0027time\u0027 in br_multicast_send_query() may overflow. If the time is smaller\nthan jiffies, the timer will expire immediately, and then call mod_timer()\nagain, which creates a loop and may trigger the following soft lockup\nissue.\n\n watchdog: BUG: soft lockup - CPU#1 stuck for 221s! [rb_consumer:66]\n CPU: 1 UID: 0 PID: 66 Comm: rb_consumer Not tainted 6.16.0+ #259 PREEMPT(none)\n Call Trace:\n \u003cIRQ\u003e\n __netdev_alloc_skb+0x2e/0x3a0\n br_ip6_multicast_alloc_query+0x212/0x1b70\n __br_multicast_send_query+0x376/0xac0\n br_multicast_send_query+0x299/0x510\n br_multicast_query_expired.constprop.0+0x16d/0x1b0\n call_timer_fn+0x3b/0x2a0\n __run_timers+0x619/0x950\n run_timer_softirq+0x11c/0x220\n handle_softirqs+0x18e/0x560\n __irq_exit_rcu+0x158/0x1a0\n sysvec_apic_timer_interrupt+0x76/0x90\n \u003c/IRQ\u003e\n\nThis issue can be reproduced with:\n ip link add br0 type bridge\n echo 1 \u003e /sys/class/net/br0/bridge/multicast_querier\n echo 0xffffffffffffffff \u003e\n \t/sys/class/net/br0/bridge/multicast_query_interval\n ip link set dev br0 up\n\nThe multicast_startup_query_interval can also cause this issue. Similar to\nthe commit 99b40610956a (\"net: bridge: mcast: add and enforce query\ninterval minimum\"), add check for the query interval maximum to fix this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39773",
"url": "https://www.suse.com/security/cve/CVE-2025-39773"
},
{
"category": "external",
"summary": "SUSE Bug 1249504 for CVE-2025-39773",
"url": "https://bugzilla.suse.com/1249504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39773"
},
{
"cve": "CVE-2025-39782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: prevent softlockup in jbd2_log_do_checkpoint()\n\nBoth jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list()\nperiodically release j_list_lock after processing a batch of buffers to\navoid long hold times on the j_list_lock. However, since both functions\ncontend for j_list_lock, the combined time spent waiting and processing\ncan be significant.\n\njbd2_journal_shrink_checkpoint_list() explicitly calls cond_resched() when\nneed_resched() is true to avoid softlockups during prolonged operations.\nBut jbd2_log_do_checkpoint() only exits its loop when need_resched() is\ntrue, relying on potentially sleeping functions like __flush_batch() or\nwait_on_buffer() to trigger rescheduling. If those functions do not sleep,\nthe kernel may hit a softlockup.\n\nwatchdog: BUG: soft lockup - CPU#3 stuck for 156s! [kworker/u129:2:373]\nCPU: 3 PID: 373 Comm: kworker/u129:2 Kdump: loaded Not tainted 6.6.0+ #10\nHardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.27 06/13/2017\nWorkqueue: writeback wb_workfn (flush-7:2)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : native_queued_spin_lock_slowpath+0x358/0x418\nlr : jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\nCall trace:\n native_queued_spin_lock_slowpath+0x358/0x418\n jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\n __jbd2_log_wait_for_space+0xfc/0x2f8 [jbd2]\n add_transaction_credits+0x3bc/0x418 [jbd2]\n start_this_handle+0xf8/0x560 [jbd2]\n jbd2__journal_start+0x118/0x228 [jbd2]\n __ext4_journal_start_sb+0x110/0x188 [ext4]\n ext4_do_writepages+0x3dc/0x740 [ext4]\n ext4_writepages+0xa4/0x190 [ext4]\n do_writepages+0x94/0x228\n __writeback_single_inode+0x48/0x318\n writeback_sb_inodes+0x204/0x590\n __writeback_inodes_wb+0x54/0xf8\n wb_writeback+0x2cc/0x3d8\n wb_do_writeback+0x2e0/0x2f8\n wb_workfn+0x80/0x2a8\n process_one_work+0x178/0x3e8\n worker_thread+0x234/0x3b8\n kthread+0xf0/0x108\n ret_from_fork+0x10/0x20\n\nSo explicitly call cond_resched() in jbd2_log_do_checkpoint() to avoid\nsoftlockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39782",
"url": "https://www.suse.com/security/cve/CVE-2025-39782"
},
{
"category": "external",
"summary": "SUSE Bug 1249526 for CVE-2025-39782",
"url": "https://bugzilla.suse.com/1249526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39782"
},
{
"cve": "CVE-2025-39787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: mdt_loader: Ensure we don\u0027t read past the ELF header\n\nWhen the MDT loader is used in remoteproc, the ELF header is sanitized\nbeforehand, but that\u0027s not necessary the case for other clients.\n\nValidate the size of the firmware buffer to ensure that we don\u0027t read\npast the end as we iterate over the header. e_phentsize and e_shentsize\nare validated as well, to ensure that the assumptions about step size in\nthe traversal are valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39787",
"url": "https://www.suse.com/security/cve/CVE-2025-39787"
},
{
"category": "external",
"summary": "SUSE Bug 1249545 for CVE-2025-39787",
"url": "https://bugzilla.suse.com/1249545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39787"
},
{
"cve": "CVE-2025-39797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39797",
"url": "https://www.suse.com/security/cve/CVE-2025-39797"
},
{
"category": "external",
"summary": "SUSE Bug 1249608 for CVE-2025-39797",
"url": "https://bugzilla.suse.com/1249608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39797"
},
{
"cve": "CVE-2025-39807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add error handling for old state CRTC in atomic_disable\n\nIntroduce error handling to address an issue where, after a hotplug\nevent, the cursor continues to update. This situation can lead to a\nkernel panic due to accessing the NULL `old_state-\u003ecrtc`.\n\nE,g.\nUnable to handle kernel NULL pointer dereference at virtual address\nCall trace:\n mtk_crtc_plane_disable+0x24/0x140\n mtk_plane_atomic_update+0x8c/0xa8\n drm_atomic_helper_commit_planes+0x114/0x2c8\n drm_atomic_helper_commit_tail_rpm+0x4c/0x158\n commit_tail+0xa0/0x168\n drm_atomic_helper_commit+0x110/0x120\n drm_atomic_commit+0x8c/0xe0\n drm_atomic_helper_update_plane+0xd4/0x128\n __setplane_atomic+0xcc/0x110\n drm_mode_cursor_common+0x250/0x440\n drm_mode_cursor_ioctl+0x44/0x70\n drm_ioctl+0x264/0x5d8\n __arm64_sys_ioctl+0xd8/0x510\n invoke_syscall+0x6c/0xe0\n do_el0_svc+0x68/0xe8\n el0_svc+0x34/0x60\n el0t_64_sync_handler+0x1c/0xf8\n el0t_64_sync+0x180/0x188\n\nAdding NULL pointer checks to ensure stability by preventing operations\non an invalid CRTC state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39807",
"url": "https://www.suse.com/security/cve/CVE-2025-39807"
},
{
"category": "external",
"summary": "SUSE Bug 1249887 for CVE-2025-39807",
"url": "https://bugzilla.suse.com/1249887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39807"
},
{
"cve": "CVE-2025-39811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vm: Clear the scratch_pt pointer on error\n\nAvoid triggering a dereference of an error pointer on cleanup in\nxe_vm_free_scratch() by clearing any scratch_pt error pointer.\n\n(cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39811",
"url": "https://www.suse.com/security/cve/CVE-2025-39811"
},
{
"category": "external",
"summary": "SUSE Bug 1249915 for CVE-2025-39811",
"url": "https://bugzilla.suse.com/1249915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39811"
},
{
"cve": "CVE-2025-39816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths\n\nSince the buffers are mapped from userspace, it is prudent to use\nREAD_ONCE() to read the value into a local variable, and use that for\nany other actions taken. Having a stable read of the buffer length\navoids worrying about it changing after checking, or being read multiple\ntimes.\n\nSimilarly, the buffer may well change in between it being picked and\nbeing committed. Ensure the looping for incremental ring buffer commit\nstops if it hits a zero sized buffer, as no further progress can be made\nat that point.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39816",
"url": "https://www.suse.com/security/cve/CVE-2025-39816"
},
{
"category": "external",
"summary": "SUSE Bug 1249906 for CVE-2025-39816",
"url": "https://bugzilla.suse.com/1249906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39816"
},
{
"cve": "CVE-2025-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: use array_index_nospec with indices that come from guest\n\nmin and dest_id are guest-controlled indices. Using array_index_nospec()\nafter the bounds checks clamps these values to mitigate speculative execution\nside-channels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39823",
"url": "https://www.suse.com/security/cve/CVE-2025-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1250002 for CVE-2025-39823",
"url": "https://bugzilla.suse.com/1250002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39823"
},
{
"cve": "CVE-2025-39825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix race with concurrent opens in rename(2)\n\nBesides sending the rename request to the server, the rename process\nalso involves closing any deferred close, waiting for outstanding I/O\nto complete as well as marking all existing open handles as deleted to\nprevent them from deferring closes, which increases the race window\nfor potential concurrent opens on the target file.\n\nFix this by unhashing the dentry in advance to prevent any concurrent\nopens on the target.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39825",
"url": "https://www.suse.com/security/cve/CVE-2025-39825"
},
{
"category": "external",
"summary": "SUSE Bug 1250179 for CVE-2025-39825",
"url": "https://bugzilla.suse.com/1250179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39825"
},
{
"cve": "CVE-2025-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path\n\nIn the error path of hws_pool_buddy_init(), the buddy allocator cleanup\ndoesn\u0027t free the allocator structure itself, causing a memory leak.\n\nAdd the missing kfree() to properly release all allocated memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39830",
"url": "https://www.suse.com/security/cve/CVE-2025-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1249974 for CVE-2025-39830",
"url": "https://bugzilla.suse.com/1249974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39830"
},
{
"cve": "CVE-2025-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow\n\nWhen an invalid stc_type is provided, the function allocates memory for\nshared_stc but jumps to unlock_and_out without freeing it, causing a\nmemory leak.\n\nFix by jumping to free_shared_stc label instead to ensure proper cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39834",
"url": "https://www.suse.com/security/cve/CVE-2025-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1250021 for CVE-2025-39834",
"url": "https://bugzilla.suse.com/1250021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39834"
},
{
"cve": "CVE-2025-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: do not propagate ENODATA disk errors into xattr code\n\nENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code;\nnamely, that the requested attribute name could not be found.\n\nHowever, a medium error from disk may also return ENODATA. At best,\nthis medium error may escape to userspace as \"attribute not found\"\nwhen in fact it\u0027s an IO (disk) error.\n\nAt worst, we may oops in xfs_attr_leaf_get() when we do:\n\n\terror = xfs_attr_leaf_hasname(args, \u0026bp);\n\tif (error == -ENOATTR) {\n\t\txfs_trans_brelse(args-\u003etrans, bp);\n\t\treturn error;\n\t}\n\nbecause an ENODATA/ENOATTR error from disk leaves us with a null bp,\nand the xfs_trans_brelse will then null-deref it.\n\nAs discussed on the list, we really need to modify the lower level\nIO functions to trap all disk errors and ensure that we don\u0027t let\nunique errors like this leak up into higher xfs functions - many\nlike this should be remapped to EIO.\n\nHowever, this patch directly addresses a reported bug in the xattr\ncode, and should be safe to backport to stable kernels. A larger-scope\npatch to handle more unique errors at lower levels can follow later.\n\n(Note, prior to 07120f1abdff we did not oops, but we did return the\nwrong error code to userspace.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39835",
"url": "https://www.suse.com/security/cve/CVE-2025-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1250025 for CVE-2025-39835",
"url": "https://bugzilla.suse.com/1250025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39835"
},
{
"cve": "CVE-2025-39838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL pointer dereference in UTF16 conversion\n\nThere can be a NULL pointer dereference bug here. NULL is passed to\n__cifs_sfu_make_node without checks, which passes it unchecked to\ncifs_strndup_to_utf16, which in turn passes it to\ncifs_local_to_utf16_bytes where \u0027*from\u0027 is dereferenced, causing a crash.\n\nThis patch adds a check for NULL \u0027src\u0027 in cifs_strndup_to_utf16 and\nreturns NULL early to prevent dereferencing NULL pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39838",
"url": "https://www.suse.com/security/cve/CVE-2025-39838"
},
{
"category": "external",
"summary": "SUSE Bug 1250365 for CVE-2025-39838",
"url": "https://bugzilla.suse.com/1250365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39838"
},
{
"cve": "CVE-2025-39842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: prevent release journal inode after journal shutdown\n\nBefore calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already\nbeen executed in ocfs2_dismount_volume(), so osb-\u003ejournal must be NULL. \nTherefore, the following calltrace will inevitably fail when it reaches\njbd2_journal_release_jbd_inode().\n\nocfs2_dismount_volume()-\u003e\n ocfs2_delete_osb()-\u003e\n ocfs2_free_slot_info()-\u003e\n __ocfs2_free_slot_info()-\u003e\n evict()-\u003e\n ocfs2_evict_inode()-\u003e\n ocfs2_clear_inode()-\u003e\n\t jbd2_journal_release_jbd_inode(osb-\u003ejournal-\u003ej_journal,\n\nAdding osb-\u003ejournal checks will prevent null-ptr-deref during the above\nexecution path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39842",
"url": "https://www.suse.com/security/cve/CVE-2025-39842"
},
{
"category": "external",
"summary": "SUSE Bug 1250267 for CVE-2025-39842",
"url": "https://bugzilla.suse.com/1250267"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39842"
},
{
"cve": "CVE-2025-39857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync()\n\nBUG: kernel NULL pointer dereference, address: 00000000000002ec\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 28 UID: 0 PID: 343 Comm: kworker/28:1 Kdump: loaded Tainted: G OE 6.17.0-rc2+ #9 NONE\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\nWorkqueue: smc_hs_wq smc_listen_work [smc]\nRIP: 0010:smc_ib_is_sg_need_sync+0x9e/0xd0 [smc]\n...\nCall Trace:\n \u003cTASK\u003e\n smcr_buf_map_link+0x211/0x2a0 [smc]\n __smc_buf_create+0x522/0x970 [smc]\n smc_buf_create+0x3a/0x110 [smc]\n smc_find_rdma_v2_device_serv+0x18f/0x240 [smc]\n ? smc_vlan_by_tcpsk+0x7e/0xe0 [smc]\n smc_listen_find_device+0x1dd/0x2b0 [smc]\n smc_listen_work+0x30f/0x580 [smc]\n process_one_work+0x18c/0x340\n worker_thread+0x242/0x360\n kthread+0xe7/0x220\n ret_from_fork+0x13a/0x160\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nIf the software RoCE device is used, ibdev-\u003edma_device is a null pointer.\nAs a result, the problem occurs. Null pointer detection is added to\nprevent problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39857",
"url": "https://www.suse.com/security/cve/CVE-2025-39857"
},
{
"category": "external",
"summary": "SUSE Bug 1250251 for CVE-2025-39857",
"url": "https://bugzilla.suse.com/1250251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39857"
},
{
"cve": "CVE-2025-39865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: fix NULL pointer dereference in tee_shm_put\n\ntee_shm_put have NULL pointer dereference:\n\n__optee_disable_shm_cache --\u003e\n\tshm = reg_pair_to_ptr(...);//shm maybe return NULL\n tee_shm_free(shm); --\u003e\n\t\ttee_shm_put(shm);//crash\n\nAdd check in tee_shm_put to fix it.\n\npanic log:\nUnable to handle kernel paging request at virtual address 0000000000100cca\nMem abort info:\nESR = 0x0000000096000004\nEC = 0x25: DABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x04: level 0 translation fault\nData abort info:\nISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\nCM = 0, WnR = 0, TnD = 0, TagAccess = 0\nGCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=0000002049d07000\n[0000000000100cca] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] SMP\nCPU: 2 PID: 14442 Comm: systemd-sleep Tainted: P OE ------- ----\n6.6.0-39-generic #38\nSource Version: 938b255f6cb8817c95b0dd5c8c2944acfce94b07\nHardware name: greatwall GW-001Y1A-FTH, BIOS Great Wall BIOS V3.0\n10/26/2022\npstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : tee_shm_put+0x24/0x188\nlr : tee_shm_free+0x14/0x28\nsp : ffff001f98f9faf0\nx29: ffff001f98f9faf0 x28: ffff0020df543cc0 x27: 0000000000000000\nx26: ffff001f811344a0 x25: ffff8000818dac00 x24: ffff800082d8d048\nx23: ffff001f850fcd18 x22: 0000000000000001 x21: ffff001f98f9fb88\nx20: ffff001f83e76218 x19: ffff001f83e761e0 x18: 000000000000ffff\nx17: 303a30303a303030 x16: 0000000000000000 x15: 0000000000000003\nx14: 0000000000000001 x13: 0000000000000000 x12: 0101010101010101\nx11: 0000000000000001 x10: 0000000000000001 x9 : ffff800080e08d0c\nx8 : ffff001f98f9fb88 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\nx2 : ffff001f83e761e0 x1 : 00000000ffff001f x0 : 0000000000100cca\nCall trace:\ntee_shm_put+0x24/0x188\ntee_shm_free+0x14/0x28\n__optee_disable_shm_cache+0xa8/0x108\noptee_shutdown+0x28/0x38\nplatform_shutdown+0x28/0x40\ndevice_shutdown+0x144/0x2b0\nkernel_power_off+0x3c/0x80\nhibernate+0x35c/0x388\nstate_store+0x64/0x80\nkobj_attr_store+0x14/0x28\nsysfs_kf_write+0x48/0x60\nkernfs_fop_write_iter+0x128/0x1c0\nvfs_write+0x270/0x370\nksys_write+0x6c/0x100\n__arm64_sys_write+0x20/0x30\ninvoke_syscall+0x4c/0x120\nel0_svc_common.constprop.0+0x44/0xf0\ndo_el0_svc+0x24/0x38\nel0_svc+0x24/0x88\nel0t_64_sync_handler+0x134/0x150\nel0t_64_sync+0x14c/0x15",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39865",
"url": "https://www.suse.com/security/cve/CVE-2025-39865"
},
{
"category": "external",
"summary": "SUSE Bug 1250294 for CVE-2025-39865",
"url": "https://bugzilla.suse.com/1250294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39865"
},
{
"cve": "CVE-2025-39885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix recursive semaphore deadlock in fiemap call\n\nsyzbot detected a OCFS2 hang due to a recursive semaphore on a\nFS_IOC_FIEMAP of the extent list on a specially crafted mmap file.\n\ncontext_switch kernel/sched/core.c:5357 [inline]\n __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961\n __schedule_loop kernel/sched/core.c:7043 [inline]\n schedule+0x165/0x360 kernel/sched/core.c:7058\n schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7115\n rwsem_down_write_slowpath+0x872/0xfe0 kernel/locking/rwsem.c:1185\n __down_write_common kernel/locking/rwsem.c:1317 [inline]\n __down_write kernel/locking/rwsem.c:1326 [inline]\n down_write+0x1ab/0x1f0 kernel/locking/rwsem.c:1591\n ocfs2_page_mkwrite+0x2ff/0xc40 fs/ocfs2/mmap.c:142\n do_page_mkwrite+0x14d/0x310 mm/memory.c:3361\n wp_page_shared mm/memory.c:3762 [inline]\n do_wp_page+0x268d/0x5800 mm/memory.c:3981\n handle_pte_fault mm/memory.c:6068 [inline]\n __handle_mm_fault+0x1033/0x5440 mm/memory.c:6195\n handle_mm_fault+0x40a/0x8e0 mm/memory.c:6364\n do_user_addr_fault+0x764/0x1390 arch/x86/mm/fault.c:1387\n handle_page_fault arch/x86/mm/fault.c:1476 [inline]\n exc_page_fault+0x76/0xf0 arch/x86/mm/fault.c:1532\n asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623\nRIP: 0010:copy_user_generic arch/x86/include/asm/uaccess_64.h:126 [inline]\nRIP: 0010:raw_copy_to_user arch/x86/include/asm/uaccess_64.h:147 [inline]\nRIP: 0010:_inline_copy_to_user include/linux/uaccess.h:197 [inline]\nRIP: 0010:_copy_to_user+0x85/0xb0 lib/usercopy.c:26\nCode: e8 00 bc f7 fc 4d 39 fc 72 3d 4d 39 ec 77 38 e8 91 b9 f7 fc 4c 89\nf7 89 de e8 47 25 5b fd 0f 01 cb 4c 89 ff 48 89 d9 4c 89 f6 \u003cf3\u003e a4 0f\n1f 00 48 89 cb 0f 01 ca 48 89 d8 5b 41 5c 41 5d 41 5e 41\nRSP: 0018:ffffc9000403f950 EFLAGS: 00050256\nRAX: ffffffff84c7f101 RBX: 0000000000000038 RCX: 0000000000000038\nRDX: 0000000000000000 RSI: ffffc9000403f9e0 RDI: 0000200000000060\nRBP: ffffc9000403fa90 R08: ffffc9000403fa17 R09: 1ffff92000807f42\nR10: dffffc0000000000 R11: fffff52000807f43 R12: 0000200000000098\nR13: 00007ffffffff000 R14: ffffc9000403f9e0 R15: 0000200000000060\n copy_to_user include/linux/uaccess.h:225 [inline]\n fiemap_fill_next_extent+0x1c0/0x390 fs/ioctl.c:145\n ocfs2_fiemap+0x888/0xc90 fs/ocfs2/extent_map.c:806\n ioctl_fiemap fs/ioctl.c:220 [inline]\n do_vfs_ioctl+0x1173/0x1430 fs/ioctl.c:532\n __do_sys_ioctl fs/ioctl.c:596 [inline]\n __se_sys_ioctl+0x82/0x170 fs/ioctl.c:584\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f5f13850fd9\nRSP: 002b:00007ffe3b3518b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000200000000000 RCX: 00007f5f13850fd9\nRDX: 0000200000000040 RSI: 00000000c020660b RDI: 0000000000000004\nRBP: 6165627472616568 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe3b3518f0\nR13: 00007ffe3b351b18 R14: 431bde82d7b634db R15: 00007f5f1389a03b\n\nocfs2_fiemap() takes a read lock of the ip_alloc_sem semaphore (since\nv2.6.22-527-g7307de80510a) and calls fiemap_fill_next_extent() to read the\nextent list of this running mmap executable. The user supplied buffer to\nhold the fiemap information page faults calling ocfs2_page_mkwrite() which\nwill take a write lock (since v2.6.27-38-g00dc417fa3e7) of the same\nsemaphore. This recursive semaphore will hold filesystem locks and causes\na hang of the fileystem.\n\nThe ip_alloc_sem protects the inode extent list and size. Release the\nread semphore before calling fiemap_fill_next_extent() in ocfs2_fiemap()\nand ocfs2_fiemap_inline(). This does an unnecessary semaphore lock/unlock\non the last extent but simplifies the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39885",
"url": "https://www.suse.com/security/cve/CVE-2025-39885"
},
{
"category": "external",
"summary": "SUSE Bug 1250407 for CVE-2025-39885",
"url": "https://bugzilla.suse.com/1250407"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39885"
},
{
"cve": "CVE-2025-39890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix memory leak in ath12k_service_ready_ext_event\n\nCurrently, in ath12k_service_ready_ext_event(), svc_rdy_ext.mac_phy_caps\nis not freed in the failure case, causing a memory leak. The following\ntrace is observed in kmemleak:\n\nunreferenced object 0xffff8b3eb5789c00 (size 1024):\n comm \"softirq\", pid 0, jiffies 4294942577\n hex dump (first 32 bytes):\n 00 00 00 00 01 00 00 00 00 00 00 00 7b 00 00 10 ............{...\n 01 00 00 00 00 00 00 00 01 00 00 00 1f 38 00 00 .............8..\n backtrace (crc 44e1c357):\n __kmalloc_noprof+0x30b/0x410\n ath12k_wmi_mac_phy_caps_parse+0x84/0x100 [ath12k]\n ath12k_wmi_tlv_iter+0x5e/0x140 [ath12k]\n ath12k_wmi_svc_rdy_ext_parse+0x308/0x4c0 [ath12k]\n ath12k_wmi_tlv_iter+0x5e/0x140 [ath12k]\n ath12k_service_ready_ext_event.isra.0+0x44/0xd0 [ath12k]\n ath12k_wmi_op_rx+0x2eb/0xd70 [ath12k]\n ath12k_htc_rx_completion_handler+0x1f4/0x330 [ath12k]\n ath12k_ce_recv_process_cb+0x218/0x300 [ath12k]\n ath12k_pci_ce_workqueue+0x1b/0x30 [ath12k]\n process_one_work+0x219/0x680\n bh_worker+0x198/0x1f0\n tasklet_action+0x13/0x30\n handle_softirqs+0xca/0x460\n __irq_exit_rcu+0xbe/0x110\n irq_exit_rcu+0x9/0x30\n\nFree svc_rdy_ext.mac_phy_caps in the error case to fix this memory leak.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39890",
"url": "https://www.suse.com/security/cve/CVE-2025-39890"
},
{
"category": "external",
"summary": "SUSE Bug 1250334 for CVE-2025-39890",
"url": "https://bugzilla.suse.com/1250334"
},
{
"category": "external",
"summary": "SUSE Bug 1250488 for CVE-2025-39890",
"url": "https://bugzilla.suse.com/1250488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "important"
}
],
"title": "CVE-2025-39890"
},
{
"cve": "CVE-2025-39922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nixgbe: fix incorrect map used in eee linkmode\n\nincorrectly used ixgbe_lp_map in loops intended to populate the\nsupported and advertised EEE linkmode bitmaps based on ixgbe_ls_map.\nThis results in incorrect bit setting and potential out-of-bounds\naccess, since ixgbe_lp_map and ixgbe_ls_map have different sizes\nand purposes.\n\nixgbe_lp_map[i] -\u003e ixgbe_ls_map[i]\n\nUse ixgbe_ls_map for supported and advertised linkmodes, and keep\nixgbe_lp_map usage only for link partner (lp_advertised) mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39922",
"url": "https://www.suse.com/security/cve/CVE-2025-39922"
},
{
"category": "external",
"summary": "SUSE Bug 1250722 for CVE-2025-39922",
"url": "https://bugzilla.suse.com/1250722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-39922"
},
{
"cve": "CVE-2025-40300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40300"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/vmscape: Add conditional IBPB mitigation\n\nVMSCAPE is a vulnerability that exploits insufficient branch predictor\nisolation between a guest and a userspace hypervisor (like QEMU). Existing\nmitigations already protect kernel/KVM from a malicious guest. Userspace\ncan additionally be protected by flushing the branch predictors after a\nVMexit.\n\nSince it is the userspace that consumes the poisoned branch predictors,\nconditionally issue an IBPB after a VMexit and before returning to\nuserspace. Workloads that frequently switch between hypervisor and\nuserspace will incur the most overhead from the new IBPB.\n\nThis new IBPB is not integrated with the existing IBPB sites. For\ninstance, a task can use the existing speculation control prctl() to\nget an IBPB at context switch time. With this implementation, the\nIBPB is doubled up: one at context switch and another before running\nuserspace.\n\nThe intent is to integrate and optimize these cases post-embargo.\n\n[ dhansen: elaborate on suboptimal IBPB solution ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40300",
"url": "https://www.suse.com/security/cve/CVE-2025-40300"
},
{
"category": "external",
"summary": "SUSE Bug 1249561 for CVE-2025-40300",
"url": "https://bugzilla.suse.com/1249561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-azure-devel-6.4.0-150700.20.15.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-devel-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-source-azure-6.4.0-150700.20.15.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP7:kernel-syms-azure-6.4.0-150700.20.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:41Z",
"details": "moderate"
}
],
"title": "CVE-2025-40300"
}
]
}
suse-su-2025:03634-1
Vulnerability from csaf_suse
Published
2025-10-17 14:32
Modified
2025-10-17 14:32
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39828: kABI workaround for struct atmdev_ops extension (bsc#1250205).
- CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
- CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Correct typos of References tags in some patches
- Do not self obsolete older kernel variants
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (git-fixes).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for 'spurious' preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb 'force_immediate_exit' into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Limit patch filenames to 100 characters (bsc#1249604).
- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: keystone: Use devm_request_irq() to free 'ks-pcie-error-irq' on exit (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- Refresh patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch. (bsc#1249186)
- Revert 'SUNRPC: Do not allow waiting for exiting tasks' (git-fixes).
- Revert 'drm/amdgpu: fix incorrect vm flags to map bo' (stable-fixes).
- Revert 'gpio: mlxbf3: only get IRQ for device instance 0' (git-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- ata: libata-scsi: Fix CDL control (git-fixes).
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for 'netfilter: nf_tables: Audit log rule reset' (git-fixes).
- kABI workaround for 'drm/dp: Add an EDID quirk for the DPCD register access probe' (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
- orangefs: Remove unused type in macro fill_default_sys_attrs (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm: Configure KABI checkingness macro (bsc#1249186)
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186)
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- scsi: Revert 'scsi: iscsi: Fix HW conn removal use after free' (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct ci_hdrc: new member has_short_pkt_limit to end (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
Patchnames
SUSE-2025-3634,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-3634,openSUSE-SLE-15.6-2025-3634
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer-\u003epointer (bsc#1249770).\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).\n- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).\n- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).\n- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable (bsc#1242960).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).\n- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).\n- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).\n- CVE-2025-38418: remoteproc: core: Release rproc-\u003eclean_table after rproc_attach() fails (bsc#1247137).\n- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).\n- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).\n- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).\n- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).\n- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).\n- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).\n- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).\n- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).\n- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).\n- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).\n- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).\n- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).\n- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).\n- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).\n- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).\n- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).\n- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).\n- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).\n- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).\n- CVE-2025-38684: net/sched: ets: use old \u0027nbands\u0027 while purging unused classes (bsc#1249156).\n- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).\n- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).\n- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).\n- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).\n- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).\n- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).\n- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).\n- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).\n- CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).\n- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).\n- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL (bsc#1249290).\n- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).\n- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).\n- CVE-2025-39703: net, hsr: reject HSR frame if skb can\u0027t hold tag (bsc#1249315).\n- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).\n- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).\n- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).\n- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).\n- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).\n- CVE-2025-39749: rcu: Protect -\u003edefer_qs_iw_pending from data race (bsc#1249533).\n- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).\n- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).\n- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).\n- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).\n- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).\n- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).\n- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).\n- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn\u0027t use 0 as SPI (bsc#1249608).\n- CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).\n- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).\n- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).\n- CVE-2025-39828: kABI workaround for struct atmdev_ops extension (bsc#1250205).\n- CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).\n- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).\n- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).\n- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).\n- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).\n- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).\n- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).\n- CVE-2025-39854: ice: fix NULL access of tx-\u003ein_use in ice_ll_ts_intr (bsc#1250297).\n- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).\n- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).\n- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).\n- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).\n\nThe following non-security bugs were fixed:\n\n- 9p/xen: fix init sequence (git-fixes).\n- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).\n- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).\n- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).\n- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).\n- ACPICA: Fix largest possible resource descriptor index (git-fixes).\n- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).\n- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).\n- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: lx_core: use int type to store negative error codes (git-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).\n- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).\n- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Convert comma to semicolon (git-fixes).\n- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).\n- ALSA: usb-audio: move mixer_quirks\u0027 min_mute into common quirk (stable-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).\n- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).\n- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).\n- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).\n- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).\n- ASoC: wm8940: Correct PLL rate rounding (git-fixes).\n- ASoC: wm8940: Correct typo in control name (git-fixes).\n- ASoC: wm8974: Correct PLL rate rounding (git-fixes).\n- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).\n- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).\n- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).\n- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).\n- Bluetooth: MGMT: Fix possible UAFs (git-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).\n- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- Bluetooth: qca: fix invalid device address check (git-fixes).\n- Bluetooth: qca: fix wcn3991 device address check (git-fixes).\n- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).\n- CONFIG \u0026 no reference -\u003e OK temporarily, must be resolved eventually\n- Correct typos of References tags in some patches\n- Do not self obsolete older kernel variants\n- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).\n- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).\n- EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (git-fixes).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).\n- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).\n- HID: input: report battery status changes immediately (git-fixes).\n- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).\n- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).\n- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).\n- HID: wacom: Add a new Art Pen 2 (stable-fixes).\n- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)\n- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)\n- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).\n- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).\n- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).\n- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).\n- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).\n- KVM: VMX: Extract checking of guest\u0027s DEBUGCTL into helper (git-fixes).\n- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).\n- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).\n- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).\n- KVM: VMX: Re-enter guest in fastpath for \u0027spurious\u0027 preemption timer exits (git-fixes).\n- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).\n- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).\n- KVM: x86/xen: Allow \u0027out of range\u0027 event channel ports in IRQ routing table (git-fixes).\n- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).\n- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).\n- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).\n- KVM: x86: Plumb \u0027force_immediate_exit\u0027 into kvm_entry() tracepoint (git-fixes).\n- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).\n- Limit patch filenames to 100 characters (bsc#1249604).\n- Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).\n- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).\n- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).\n- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).\n- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).\n- NFSv4: Do not clear capabilities that won\u0027t be reset (git-fixes).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).\n- PCI/ERR: Fix uevent on failure to recover (git-fixes).\n- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Extend isolated function probing to LoongArch (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: keystone: Use devm_request_irq() to free \u0027ks-pcie-error-irq\u0027 on exit (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rcar-host: Drop PMSR spinlock (git-fixes).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).\n- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).\n- PCI: tegra194: Handle errors in BPMP response (git-fixes).\n- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).\n- PCI: tegra: Fix devm_kcalloc() argument order for port-\u003ephys allocation (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)\n- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)\n- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)\n- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)\n- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)\n- RDMA/rxe: Fix race in do_task() when draining (git-fixes)\n- RDMA/siw: Always report immediate post SQ errors (git-fixes)\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)\n- Refresh patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch. (bsc#1249186)\n- Revert \u0027SUNRPC: Do not allow waiting for exiting tasks\u0027 (git-fixes).\n- Revert \u0027drm/amdgpu: fix incorrect vm flags to map bo\u0027 (stable-fixes).\n- Revert \u0027gpio: mlxbf3: only get IRQ for device instance 0\u0027 (git-fixes).\n- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).\n- Squashfs: add additional inode sanity checking (git-fixes).\n- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).\n- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).\n- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).\n- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes)\n- arm64: Handle KCOV __init vs inline mismatches (git-fixes)\n- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)\n- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)\n- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)\n- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)\n- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)\n- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)\n- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)\n- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)\n- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)\n- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)\n- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)\n- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)\n- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).\n- batman-adv: fix OOB read/write in network-coding decode (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf, bpftool: Fix incorrect disasm pc (git-fixes).\n- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).\n- bpf: Fix iter/task tid filtering (git-fixes).\n- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).\n- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).\n- bpf: Properly test iter/task tid filtering (git-fixes).\n- bpf: bpftool: Setting error code in do_loader() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: handle implicit declaration of function gettid in bpf_iter.c\n- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- bpftool: Fix JSON writer resource leak in version command (git-fixes).\n- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).\n- bpftool: Fix readlink usage in get_fd_type (git-fixes).\n- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).\n- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).\n- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).\n- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).\n- btrfs: add cancellation points to trim loops (git-fixes).\n- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).\n- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).\n- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data overwriting bug during buffered write when block size \u0026lt; page size (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).\n- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).\n- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).\n- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).\n- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).\n- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).\n- btrfs: scrub: fix grouping of read IO (git-fixes).\n- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).\n- btrfs: split remaining space to discard in chunks (git-fixes).\n- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).\n- build_bug.h: Add KABI assert (bsc#1249186).\n- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).\n- bus: mhi: host: Do not use uninitialized \u0027dev\u0027 pointer in mhi_init_irq_setup() (git-fixes).\n- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).\n- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).\n- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).\n- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).\n- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).\n- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).\n- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).\n- ceph: validate snapdirname option length when mounting (git-fixes).\n- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).\n- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).\n- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).\n- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).\n- cgroup: make css_rstat_updated nmi safe (bsc#1247963).\n- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).\n- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).\n- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).\n- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).\n- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).\n- cpufreq: Exit governor when failed to start old governor (stable-fixes).\n- cpufreq: Init policy-\u003erwsem before it may be possibly used (git-fixes).\n- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).\n- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).\n- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).\n- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).\n- cpufreq: governor: Fix negative \u0027idle_time\u0027 handling in dbs_update() (git-fixes).\n- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).\n- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).\n- cpufreq: scpi: compare kHz instead of Hz (git-fixes).\n- cpufreq: tegra186: Share policy per cluster (stable-fixes).\n- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).\n- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).\n- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).\n- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).\n- crypto: hisilicon/qm - set NULL to qm-\u003edebug.qm_diff_regs (git-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).\n- crypto: qat - add shutdown handler to qat_c62x (git-fixes).\n- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).\n- dmaengine: Fix dma_async_tx_descriptor-\u003etx_submit documentation (git-fixes).\n- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).\n- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).\n- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).\n- dmaengine: idxd: Remove improper idxd_free (git-fixes).\n- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).\n- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).\n- docs: admin-guide: update to current minimum pipe size default (git-fixes).\n- drivers/base/node: fix double free in register_one_node() (git-fixes).\n- drivers/base/node: handle error properly in register_one_node() (git-fixes).\n- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).\n- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).\n- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).\n- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).\n- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).\n- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Remove redundant semicolons (git-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd/display: use udelay rather than fsleep (git-fixes).\n- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).\n- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).\n- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).\n- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).\n- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).\n- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).\n- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).\n- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).\n- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: remove the redeclaration of variable i (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).\n- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).\n- drm/bridge: it6505: select REGMAP_I2C (git-fixes).\n- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).\n- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).\n- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).\n- drm/edid: Define the quirks in an enum list (bsc#1248121).\n- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).\n- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/mediatek: fix potential OF node use-after-free (git-fixes).\n- drm/msm/dpu: fix incorrect type for ret (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).\n- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).\n- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).\n- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).\n- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).\n- fbcon: Fix OOB access in font allocation (git-fixes).\n- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).\n- firmware: meson_sm: fix device leak at probe (git-fixes).\n- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).\n- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).\n- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).\n- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).\n- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).\n- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i2c: designware: Add disabling clocks when probe fails (git-fixes).\n- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).\n- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).\n- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).\n- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)\n- i3c: Fix default I2C adapter timeout value (git-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- i3c: master: svc: Recycle unused IBI slot (git-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).\n- iio: dac: ad5360: use int type to store negative error codes (git-fixes).\n- iio: dac: ad5421: use int type to store negative error codes (git-fixes).\n- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).\n- iio: frequency: adf4350: Fix prescaler usage (git-fixes).\n- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).\n- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iommu/vt-d: Fix __domain_mapping()\u0027s usage of switch_to_super_page() (git-fixes).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).\n- kABI fix for \u0027netfilter: nf_tables: Audit log rule reset\u0027 (git-fixes).\n- kABI workaround for \u0027drm/dp: Add an EDID quirk for the DPCD register access probe\u0027 (bsc#1248121).\n- kABI workaround for RCU tasks exit tracking (bsc#1246298).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kABI: adjust new field on ip_ct_sctp struct (git-fixes).\n- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).\n- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).\n- kABI: make nft_trans_gc_catchall() public again (git-fixes).\n- kABI: netfilter flowtable move gc operation to bottom (git-fixes).\n- kabi: Restore layout of parallel_data (bsc1248343).\n- kabi: add struct cgroup_extra (bsc#1247963).\n- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).\n- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).\n- kernel-binary: Another installation ordering fix (bsc#1241353).\n- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).\n- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).\n- media: cx18: Add missing check after DMA map (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).\n- media: lirc: Fix error handling in lirc_register() (git-fixes).\n- media: pci: ivtv: Add missing check after DMA map (git-fixes).\n- media: rc: fix races with imon_disconnect() (git-fixes).\n- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).\n- media: st-delta: avoid excessive stack usage (git-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).\n- media: zoran: Remove zoran_fh structure (git-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).\n- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).\n- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).\n- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).\n- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).\n- mm: move page table sync declarations to linux/pgtable.h (git-fixes).\n- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).\n- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).\n- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).\n- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).\n- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).\n- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).\n- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).\n- net: nfc: nci: Add parameter validation for packet data (git-fixes).\n- net: phy: fix phy_uses_state_machine() (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).\n- net: rose: convert \u0027use\u0027 field to refcount_t (git-fixes).\n- net: rose: fix a typo in rose_clear_routes() (git-fixes).\n- net: rose: include node references in rose_neigh refcount (git-fixes).\n- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- net: usb: cdc-ncm: check for filtering capability (git-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).\n- netfilter: conntrack: fix extension size table (git-fixes).\n- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).\n- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).\n- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).\n- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).\n- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).\n- netfilter: nf_tables: Audit log rule reset (git-fixes).\n- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).\n- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).\n- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).\n- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).\n- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).\n- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).\n- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).\n- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).\n- netfilter: nf_tables: Unbreak audit log reset (git-fixes).\n- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).\n- netfilter: nf_tables: audit log object reset once per table (git-fixes).\n- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).\n- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).\n- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).\n- netfilter: nf_tables: nft_obj_filter fits into cb-\u003ectx (git-fixes).\n- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).\n- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).\n- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).\n- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).\n- netfilter: nft_payload: fix wrong mac header matching (git-fixes).\n- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).\n- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).\n- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).\n- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).\n- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).\n- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).\n- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).\n- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).\n- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).\n- nvme-pci: try function level reset on init failure (git-fixes).\n- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).\n- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).\n- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).\n- orangefs: Remove unused type in macro fill_default_sys_attrs (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).\n- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).\n- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).\n- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).\n- phy: ti-pipe3: fix device leak at unbind (git-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).\n- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).\n- pinctrl: renesas: Use int type to store negative error codes (git-fixes).\n- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).\n- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).\n- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).\n- platform/x86: think-lmi: Fix class device unregistration (git-fixes).\n- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).\n- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).\n- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).\n- power: supply: max77976_charger: fix constant current reporting (git-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pptp: fix pptp_xmit() error path (git-fixes).\n- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).\n- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).\n- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)\n- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)\n- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Maintain real-time response in (bsc#1246298)\n- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)\n- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)\n- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)\n- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).\n- regulator: scmi: Use int type to store negative error codes (git-fixes).\n- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rpm: Configure KABI checkingness macro (bsc#1249186)\n- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186)\n- rpm: Link arch-symbols script from scripts directory.\n- rpm: Link guards script from scripts directory.\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).\n- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).\n- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).\n- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).\n- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).\n- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).\n- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).\n- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).\n- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).\n- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- sched/deadline: Collect sched_dl_entity initialization (git-fixes)\n- sched/fair: Remove unused parameter from sched_asym() (git-fixes)\n- sched/fair: Take the scheduling domain into account in (git-fixes)\n- sched/isolation: Fix boot crash when maxcpus \u0026lt; first (git-fixes)\n- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)\n- scsi: Revert \u0027scsi: iscsi: Fix HW conn removal use after free\u0027 (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).\n- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).\n- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).\n- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).\n- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).\n- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).\n- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).\n- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).\n- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).\n- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).\n- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).\n- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).\n- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).\n- scsi: lpfc: use min() to improve code (bsc#1250519).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).\n- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).\n- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).\n- scsi: qla2xxx: Remove firmware URL (git-fixes).\n- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).\n- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).\n- selftests/bpf: Add asserts for netfilter link info (git-fixes).\n- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).\n- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).\n- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- serial: max310x: Add error checking in probe() (git-fixes).\n- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- spi: bcm2835: Remove redundant semicolons (git-fixes).\n- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).\n- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).\n- spi: mtk-snfi: Remove redundant semicolons (git-fixes).\n- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).\n- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).\n- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).\n- struct ci_hdrc: new member has_short_pkt_limit to end (git-fixes).\n- struct l2cap_chan: shift new member rx_avail to end (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- supported.conf: mark hyperv_drm as external\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- thunderbolt: Compare HMAC values in constant time (git-fixes).\n- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).\n- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).\n- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).\n- usb: core: Add 0x prefix to quirks debug output (stable-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).\n- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).\n- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: fusb302: cache PD RX state (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).\n- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).\n- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- use uniform permission checks for all mount propagation changes (git-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).\n- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).\n- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).\n- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).\n- vhost: fail early when __vhost_add_used() fails (git-fixes).\n- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).\n- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).\n- vsock: Allow retrying on connect() failure (git-fixes).\n- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).\n- vsock: avoid timeout during connect() if the socket is closing (git-fixes).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).\n- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).\n- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).\n- wifi: ath11k: fix group data packet drops during rekey (git-fixes).\n- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).\n- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).\n- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).\n- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).\n- wifi: mac80211: fix incorrect type for ret (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).\n- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).\n- wifi: mwifiex: send world regulatory domain to driver (git-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).\n- wifi: virt_wifi: Fix page fault on connect (stable-fixes).\n- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).\n- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).\n- writeback: Avoid contention on wb-\u003elist_lock when switching inodes (bsc#1237776).\n- writeback: Avoid contention on wb-\u003elist_lock when switching inodes (kABI fixup) (bsc#1237776).\n- writeback: Avoid excessively long inode switching times (bsc#1237776).\n- writeback: Avoid softlockup when switching many inodes (bsc#1237776).\n- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).\n- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).\n- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).\n- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).\n- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).\n- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).\n- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).\n- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).\n- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).\n- xen/netfront: Fix TX response spurious interrupts (git-fixes).\n- xen: Add support for XenServer 6.1 platform device (git-fixes).\n- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).\n- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).\n- xfs: rework datasync tracking and execution (bsc#1237449).\n- xhci: Fix control transfer error on Etron xHCI host (git-fixes).\n- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).\n- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).\n- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3634,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-3634,openSUSE-SLE-15.6-2025-3634",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03634-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03634-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503634-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03634-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042195.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1213061",
"url": "https://bugzilla.suse.com/1213061"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1213666",
"url": "https://bugzilla.suse.com/1213666"
},
{
"category": "self",
"summary": "SUSE Bug 1214073",
"url": "https://bugzilla.suse.com/1214073"
},
{
"category": "self",
"summary": "SUSE Bug 1214928",
"url": "https://bugzilla.suse.com/1214928"
},
{
"category": "self",
"summary": "SUSE Bug 1214953",
"url": "https://bugzilla.suse.com/1214953"
},
{
"category": "self",
"summary": "SUSE Bug 1215150",
"url": "https://bugzilla.suse.com/1215150"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215696",
"url": "https://bugzilla.suse.com/1215696"
},
{
"category": "self",
"summary": "SUSE Bug 1216436",
"url": "https://bugzilla.suse.com/1216436"
},
{
"category": "self",
"summary": "SUSE Bug 1216976",
"url": "https://bugzilla.suse.com/1216976"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1220186",
"url": "https://bugzilla.suse.com/1220186"
},
{
"category": "self",
"summary": "SUSE Bug 1220419",
"url": "https://bugzilla.suse.com/1220419"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1229165",
"url": "https://bugzilla.suse.com/1229165"
},
{
"category": "self",
"summary": "SUSE Bug 1230062",
"url": "https://bugzilla.suse.com/1230062"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1234156",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1237449",
"url": "https://bugzilla.suse.com/1237449"
},
{
"category": "self",
"summary": "SUSE Bug 1237776",
"url": "https://bugzilla.suse.com/1237776"
},
{
"category": "self",
"summary": "SUSE Bug 1240324",
"url": "https://bugzilla.suse.com/1240324"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241292",
"url": "https://bugzilla.suse.com/1241292"
},
{
"category": "self",
"summary": "SUSE Bug 1241353",
"url": "https://bugzilla.suse.com/1241353"
},
{
"category": "self",
"summary": "SUSE Bug 1241866",
"url": "https://bugzilla.suse.com/1241866"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1243100",
"url": "https://bugzilla.suse.com/1243100"
},
{
"category": "self",
"summary": "SUSE Bug 1243112",
"url": "https://bugzilla.suse.com/1243112"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245193",
"url": "https://bugzilla.suse.com/1245193"
},
{
"category": "self",
"summary": "SUSE Bug 1245260",
"url": "https://bugzilla.suse.com/1245260"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245700",
"url": "https://bugzilla.suse.com/1245700"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246057",
"url": "https://bugzilla.suse.com/1246057"
},
{
"category": "self",
"summary": "SUSE Bug 1246125",
"url": "https://bugzilla.suse.com/1246125"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246190",
"url": "https://bugzilla.suse.com/1246190"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1246248",
"url": "https://bugzilla.suse.com/1246248"
},
{
"category": "self",
"summary": "SUSE Bug 1246298",
"url": "https://bugzilla.suse.com/1246298"
},
{
"category": "self",
"summary": "SUSE Bug 1246509",
"url": "https://bugzilla.suse.com/1246509"
},
{
"category": "self",
"summary": "SUSE Bug 1246782",
"url": "https://bugzilla.suse.com/1246782"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247099",
"url": "https://bugzilla.suse.com/1247099"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247118",
"url": "https://bugzilla.suse.com/1247118"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247126",
"url": "https://bugzilla.suse.com/1247126"
},
{
"category": "self",
"summary": "SUSE Bug 1247136",
"url": "https://bugzilla.suse.com/1247136"
},
{
"category": "self",
"summary": "SUSE Bug 1247137",
"url": "https://bugzilla.suse.com/1247137"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247223",
"url": "https://bugzilla.suse.com/1247223"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247239",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247262",
"url": "https://bugzilla.suse.com/1247262"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247442",
"url": "https://bugzilla.suse.com/1247442"
},
{
"category": "self",
"summary": "SUSE Bug 1247483",
"url": "https://bugzilla.suse.com/1247483"
},
{
"category": "self",
"summary": "SUSE Bug 1247500",
"url": "https://bugzilla.suse.com/1247500"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247963",
"url": "https://bugzilla.suse.com/1247963"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248111",
"url": "https://bugzilla.suse.com/1248111"
},
{
"category": "self",
"summary": "SUSE Bug 1248121",
"url": "https://bugzilla.suse.com/1248121"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248192",
"url": "https://bugzilla.suse.com/1248192"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248199",
"url": "https://bugzilla.suse.com/1248199"
},
{
"category": "self",
"summary": "SUSE Bug 1248200",
"url": "https://bugzilla.suse.com/1248200"
},
{
"category": "self",
"summary": "SUSE Bug 1248202",
"url": "https://bugzilla.suse.com/1248202"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248225",
"url": "https://bugzilla.suse.com/1248225"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248296",
"url": "https://bugzilla.suse.com/1248296"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248334",
"url": "https://bugzilla.suse.com/1248334"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248343",
"url": "https://bugzilla.suse.com/1248343"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248357",
"url": "https://bugzilla.suse.com/1248357"
},
{
"category": "self",
"summary": "SUSE Bug 1248360",
"url": "https://bugzilla.suse.com/1248360"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248365",
"url": "https://bugzilla.suse.com/1248365"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248378",
"url": "https://bugzilla.suse.com/1248378"
},
{
"category": "self",
"summary": "SUSE Bug 1248380",
"url": "https://bugzilla.suse.com/1248380"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248392",
"url": "https://bugzilla.suse.com/1248392"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248512",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248610",
"url": "https://bugzilla.suse.com/1248610"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248619",
"url": "https://bugzilla.suse.com/1248619"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248622",
"url": "https://bugzilla.suse.com/1248622"
},
{
"category": "self",
"summary": "SUSE Bug 1248626",
"url": "https://bugzilla.suse.com/1248626"
},
{
"category": "self",
"summary": "SUSE Bug 1248628",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "self",
"summary": "SUSE Bug 1248634",
"url": "https://bugzilla.suse.com/1248634"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248639",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248674",
"url": "https://bugzilla.suse.com/1248674"
},
{
"category": "self",
"summary": "SUSE Bug 1248681",
"url": "https://bugzilla.suse.com/1248681"
},
{
"category": "self",
"summary": "SUSE Bug 1248733",
"url": "https://bugzilla.suse.com/1248733"
},
{
"category": "self",
"summary": "SUSE Bug 1248734",
"url": "https://bugzilla.suse.com/1248734"
},
{
"category": "self",
"summary": "SUSE Bug 1248735",
"url": "https://bugzilla.suse.com/1248735"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1248775",
"url": "https://bugzilla.suse.com/1248775"
},
{
"category": "self",
"summary": "SUSE Bug 1248847",
"url": "https://bugzilla.suse.com/1248847"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE Bug 1249122",
"url": "https://bugzilla.suse.com/1249122"
},
{
"category": "self",
"summary": "SUSE Bug 1249123",
"url": "https://bugzilla.suse.com/1249123"
},
{
"category": "self",
"summary": "SUSE Bug 1249124",
"url": "https://bugzilla.suse.com/1249124"
},
{
"category": "self",
"summary": "SUSE Bug 1249125",
"url": "https://bugzilla.suse.com/1249125"
},
{
"category": "self",
"summary": "SUSE Bug 1249126",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "self",
"summary": "SUSE Bug 1249143",
"url": "https://bugzilla.suse.com/1249143"
},
{
"category": "self",
"summary": "SUSE Bug 1249156",
"url": "https://bugzilla.suse.com/1249156"
},
{
"category": "self",
"summary": "SUSE Bug 1249159",
"url": "https://bugzilla.suse.com/1249159"
},
{
"category": "self",
"summary": "SUSE Bug 1249163",
"url": "https://bugzilla.suse.com/1249163"
},
{
"category": "self",
"summary": "SUSE Bug 1249164",
"url": "https://bugzilla.suse.com/1249164"
},
{
"category": "self",
"summary": "SUSE Bug 1249166",
"url": "https://bugzilla.suse.com/1249166"
},
{
"category": "self",
"summary": "SUSE Bug 1249169",
"url": "https://bugzilla.suse.com/1249169"
},
{
"category": "self",
"summary": "SUSE Bug 1249170",
"url": "https://bugzilla.suse.com/1249170"
},
{
"category": "self",
"summary": "SUSE Bug 1249172",
"url": "https://bugzilla.suse.com/1249172"
},
{
"category": "self",
"summary": "SUSE Bug 1249176",
"url": "https://bugzilla.suse.com/1249176"
},
{
"category": "self",
"summary": "SUSE Bug 1249177",
"url": "https://bugzilla.suse.com/1249177"
},
{
"category": "self",
"summary": "SUSE Bug 1249186",
"url": "https://bugzilla.suse.com/1249186"
},
{
"category": "self",
"summary": "SUSE Bug 1249190",
"url": "https://bugzilla.suse.com/1249190"
},
{
"category": "self",
"summary": "SUSE Bug 1249194",
"url": "https://bugzilla.suse.com/1249194"
},
{
"category": "self",
"summary": "SUSE Bug 1249195",
"url": "https://bugzilla.suse.com/1249195"
},
{
"category": "self",
"summary": "SUSE Bug 1249196",
"url": "https://bugzilla.suse.com/1249196"
},
{
"category": "self",
"summary": "SUSE Bug 1249199",
"url": "https://bugzilla.suse.com/1249199"
},
{
"category": "self",
"summary": "SUSE Bug 1249200",
"url": "https://bugzilla.suse.com/1249200"
},
{
"category": "self",
"summary": "SUSE Bug 1249202",
"url": "https://bugzilla.suse.com/1249202"
},
{
"category": "self",
"summary": "SUSE Bug 1249203",
"url": "https://bugzilla.suse.com/1249203"
},
{
"category": "self",
"summary": "SUSE Bug 1249204",
"url": "https://bugzilla.suse.com/1249204"
},
{
"category": "self",
"summary": "SUSE Bug 1249206",
"url": "https://bugzilla.suse.com/1249206"
},
{
"category": "self",
"summary": "SUSE Bug 1249215",
"url": "https://bugzilla.suse.com/1249215"
},
{
"category": "self",
"summary": "SUSE Bug 1249220",
"url": "https://bugzilla.suse.com/1249220"
},
{
"category": "self",
"summary": "SUSE Bug 1249221",
"url": "https://bugzilla.suse.com/1249221"
},
{
"category": "self",
"summary": "SUSE Bug 1249254",
"url": "https://bugzilla.suse.com/1249254"
},
{
"category": "self",
"summary": "SUSE Bug 1249255",
"url": "https://bugzilla.suse.com/1249255"
},
{
"category": "self",
"summary": "SUSE Bug 1249257",
"url": "https://bugzilla.suse.com/1249257"
},
{
"category": "self",
"summary": "SUSE Bug 1249258",
"url": "https://bugzilla.suse.com/1249258"
},
{
"category": "self",
"summary": "SUSE Bug 1249260",
"url": "https://bugzilla.suse.com/1249260"
},
{
"category": "self",
"summary": "SUSE Bug 1249262",
"url": "https://bugzilla.suse.com/1249262"
},
{
"category": "self",
"summary": "SUSE Bug 1249263",
"url": "https://bugzilla.suse.com/1249263"
},
{
"category": "self",
"summary": "SUSE Bug 1249265",
"url": "https://bugzilla.suse.com/1249265"
},
{
"category": "self",
"summary": "SUSE Bug 1249266",
"url": "https://bugzilla.suse.com/1249266"
},
{
"category": "self",
"summary": "SUSE Bug 1249271",
"url": "https://bugzilla.suse.com/1249271"
},
{
"category": "self",
"summary": "SUSE Bug 1249272",
"url": "https://bugzilla.suse.com/1249272"
},
{
"category": "self",
"summary": "SUSE Bug 1249273",
"url": "https://bugzilla.suse.com/1249273"
},
{
"category": "self",
"summary": "SUSE Bug 1249278",
"url": "https://bugzilla.suse.com/1249278"
},
{
"category": "self",
"summary": "SUSE Bug 1249279",
"url": "https://bugzilla.suse.com/1249279"
},
{
"category": "self",
"summary": "SUSE Bug 1249281",
"url": "https://bugzilla.suse.com/1249281"
},
{
"category": "self",
"summary": "SUSE Bug 1249282",
"url": "https://bugzilla.suse.com/1249282"
},
{
"category": "self",
"summary": "SUSE Bug 1249284",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "self",
"summary": "SUSE Bug 1249285",
"url": "https://bugzilla.suse.com/1249285"
},
{
"category": "self",
"summary": "SUSE Bug 1249288",
"url": "https://bugzilla.suse.com/1249288"
},
{
"category": "self",
"summary": "SUSE Bug 1249290",
"url": "https://bugzilla.suse.com/1249290"
},
{
"category": "self",
"summary": "SUSE Bug 1249292",
"url": "https://bugzilla.suse.com/1249292"
},
{
"category": "self",
"summary": "SUSE Bug 1249295",
"url": "https://bugzilla.suse.com/1249295"
},
{
"category": "self",
"summary": "SUSE Bug 1249296",
"url": "https://bugzilla.suse.com/1249296"
},
{
"category": "self",
"summary": "SUSE Bug 1249299",
"url": "https://bugzilla.suse.com/1249299"
},
{
"category": "self",
"summary": "SUSE Bug 1249300",
"url": "https://bugzilla.suse.com/1249300"
},
{
"category": "self",
"summary": "SUSE Bug 1249303",
"url": "https://bugzilla.suse.com/1249303"
},
{
"category": "self",
"summary": "SUSE Bug 1249304",
"url": "https://bugzilla.suse.com/1249304"
},
{
"category": "self",
"summary": "SUSE Bug 1249305",
"url": "https://bugzilla.suse.com/1249305"
},
{
"category": "self",
"summary": "SUSE Bug 1249308",
"url": "https://bugzilla.suse.com/1249308"
},
{
"category": "self",
"summary": "SUSE Bug 1249312",
"url": "https://bugzilla.suse.com/1249312"
},
{
"category": "self",
"summary": "SUSE Bug 1249315",
"url": "https://bugzilla.suse.com/1249315"
},
{
"category": "self",
"summary": "SUSE Bug 1249318",
"url": "https://bugzilla.suse.com/1249318"
},
{
"category": "self",
"summary": "SUSE Bug 1249321",
"url": "https://bugzilla.suse.com/1249321"
},
{
"category": "self",
"summary": "SUSE Bug 1249323",
"url": "https://bugzilla.suse.com/1249323"
},
{
"category": "self",
"summary": "SUSE Bug 1249324",
"url": "https://bugzilla.suse.com/1249324"
},
{
"category": "self",
"summary": "SUSE Bug 1249334",
"url": "https://bugzilla.suse.com/1249334"
},
{
"category": "self",
"summary": "SUSE Bug 1249338",
"url": "https://bugzilla.suse.com/1249338"
},
{
"category": "self",
"summary": "SUSE Bug 1249346",
"url": "https://bugzilla.suse.com/1249346"
},
{
"category": "self",
"summary": "SUSE Bug 1249374",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "self",
"summary": "SUSE Bug 1249413",
"url": "https://bugzilla.suse.com/1249413"
},
{
"category": "self",
"summary": "SUSE Bug 1249479",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "self",
"summary": "SUSE Bug 1249481",
"url": "https://bugzilla.suse.com/1249481"
},
{
"category": "self",
"summary": "SUSE Bug 1249482",
"url": "https://bugzilla.suse.com/1249482"
},
{
"category": "self",
"summary": "SUSE Bug 1249486",
"url": "https://bugzilla.suse.com/1249486"
},
{
"category": "self",
"summary": "SUSE Bug 1249488",
"url": "https://bugzilla.suse.com/1249488"
},
{
"category": "self",
"summary": "SUSE Bug 1249489",
"url": "https://bugzilla.suse.com/1249489"
},
{
"category": "self",
"summary": "SUSE Bug 1249490",
"url": "https://bugzilla.suse.com/1249490"
},
{
"category": "self",
"summary": "SUSE Bug 1249494",
"url": "https://bugzilla.suse.com/1249494"
},
{
"category": "self",
"summary": "SUSE Bug 1249504",
"url": "https://bugzilla.suse.com/1249504"
},
{
"category": "self",
"summary": "SUSE Bug 1249506",
"url": "https://bugzilla.suse.com/1249506"
},
{
"category": "self",
"summary": "SUSE Bug 1249508",
"url": "https://bugzilla.suse.com/1249508"
},
{
"category": "self",
"summary": "SUSE Bug 1249510",
"url": "https://bugzilla.suse.com/1249510"
},
{
"category": "self",
"summary": "SUSE Bug 1249513",
"url": "https://bugzilla.suse.com/1249513"
},
{
"category": "self",
"summary": "SUSE Bug 1249515",
"url": "https://bugzilla.suse.com/1249515"
},
{
"category": "self",
"summary": "SUSE Bug 1249516",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "self",
"summary": "SUSE Bug 1249522",
"url": "https://bugzilla.suse.com/1249522"
},
{
"category": "self",
"summary": "SUSE Bug 1249523",
"url": "https://bugzilla.suse.com/1249523"
},
{
"category": "self",
"summary": "SUSE Bug 1249524",
"url": "https://bugzilla.suse.com/1249524"
},
{
"category": "self",
"summary": "SUSE Bug 1249526",
"url": "https://bugzilla.suse.com/1249526"
},
{
"category": "self",
"summary": "SUSE Bug 1249533",
"url": "https://bugzilla.suse.com/1249533"
},
{
"category": "self",
"summary": "SUSE Bug 1249538",
"url": "https://bugzilla.suse.com/1249538"
},
{
"category": "self",
"summary": "SUSE Bug 1249540",
"url": "https://bugzilla.suse.com/1249540"
},
{
"category": "self",
"summary": "SUSE Bug 1249542",
"url": "https://bugzilla.suse.com/1249542"
},
{
"category": "self",
"summary": "SUSE Bug 1249545",
"url": "https://bugzilla.suse.com/1249545"
},
{
"category": "self",
"summary": "SUSE Bug 1249548",
"url": "https://bugzilla.suse.com/1249548"
},
{
"category": "self",
"summary": "SUSE Bug 1249554",
"url": "https://bugzilla.suse.com/1249554"
},
{
"category": "self",
"summary": "SUSE Bug 1249598",
"url": "https://bugzilla.suse.com/1249598"
},
{
"category": "self",
"summary": "SUSE Bug 1249604",
"url": "https://bugzilla.suse.com/1249604"
},
{
"category": "self",
"summary": "SUSE Bug 1249608",
"url": "https://bugzilla.suse.com/1249608"
},
{
"category": "self",
"summary": "SUSE Bug 1249615",
"url": "https://bugzilla.suse.com/1249615"
},
{
"category": "self",
"summary": "SUSE Bug 1249640",
"url": "https://bugzilla.suse.com/1249640"
},
{
"category": "self",
"summary": "SUSE Bug 1249641",
"url": "https://bugzilla.suse.com/1249641"
},
{
"category": "self",
"summary": "SUSE Bug 1249642",
"url": "https://bugzilla.suse.com/1249642"
},
{
"category": "self",
"summary": "SUSE Bug 1249658",
"url": "https://bugzilla.suse.com/1249658"
},
{
"category": "self",
"summary": "SUSE Bug 1249662",
"url": "https://bugzilla.suse.com/1249662"
},
{
"category": "self",
"summary": "SUSE Bug 1249672",
"url": "https://bugzilla.suse.com/1249672"
},
{
"category": "self",
"summary": "SUSE Bug 1249673",
"url": "https://bugzilla.suse.com/1249673"
},
{
"category": "self",
"summary": "SUSE Bug 1249677",
"url": "https://bugzilla.suse.com/1249677"
},
{
"category": "self",
"summary": "SUSE Bug 1249678",
"url": "https://bugzilla.suse.com/1249678"
},
{
"category": "self",
"summary": "SUSE Bug 1249679",
"url": "https://bugzilla.suse.com/1249679"
},
{
"category": "self",
"summary": "SUSE Bug 1249682",
"url": "https://bugzilla.suse.com/1249682"
},
{
"category": "self",
"summary": "SUSE Bug 1249687",
"url": "https://bugzilla.suse.com/1249687"
},
{
"category": "self",
"summary": "SUSE Bug 1249698",
"url": "https://bugzilla.suse.com/1249698"
},
{
"category": "self",
"summary": "SUSE Bug 1249707",
"url": "https://bugzilla.suse.com/1249707"
},
{
"category": "self",
"summary": "SUSE Bug 1249712",
"url": "https://bugzilla.suse.com/1249712"
},
{
"category": "self",
"summary": "SUSE Bug 1249730",
"url": "https://bugzilla.suse.com/1249730"
},
{
"category": "self",
"summary": "SUSE Bug 1249756",
"url": "https://bugzilla.suse.com/1249756"
},
{
"category": "self",
"summary": "SUSE Bug 1249758",
"url": "https://bugzilla.suse.com/1249758"
},
{
"category": "self",
"summary": "SUSE Bug 1249761",
"url": "https://bugzilla.suse.com/1249761"
},
{
"category": "self",
"summary": "SUSE Bug 1249762",
"url": "https://bugzilla.suse.com/1249762"
},
{
"category": "self",
"summary": "SUSE Bug 1249768",
"url": "https://bugzilla.suse.com/1249768"
},
{
"category": "self",
"summary": "SUSE Bug 1249770",
"url": "https://bugzilla.suse.com/1249770"
},
{
"category": "self",
"summary": "SUSE Bug 1249774",
"url": "https://bugzilla.suse.com/1249774"
},
{
"category": "self",
"summary": "SUSE Bug 1249779",
"url": "https://bugzilla.suse.com/1249779"
},
{
"category": "self",
"summary": "SUSE Bug 1249780",
"url": "https://bugzilla.suse.com/1249780"
},
{
"category": "self",
"summary": "SUSE Bug 1249785",
"url": "https://bugzilla.suse.com/1249785"
},
{
"category": "self",
"summary": "SUSE Bug 1249787",
"url": "https://bugzilla.suse.com/1249787"
},
{
"category": "self",
"summary": "SUSE Bug 1249795",
"url": "https://bugzilla.suse.com/1249795"
},
{
"category": "self",
"summary": "SUSE Bug 1249815",
"url": "https://bugzilla.suse.com/1249815"
},
{
"category": "self",
"summary": "SUSE Bug 1249820",
"url": "https://bugzilla.suse.com/1249820"
},
{
"category": "self",
"summary": "SUSE Bug 1249823",
"url": "https://bugzilla.suse.com/1249823"
},
{
"category": "self",
"summary": "SUSE Bug 1249824",
"url": "https://bugzilla.suse.com/1249824"
},
{
"category": "self",
"summary": "SUSE Bug 1249825",
"url": "https://bugzilla.suse.com/1249825"
},
{
"category": "self",
"summary": "SUSE Bug 1249826",
"url": "https://bugzilla.suse.com/1249826"
},
{
"category": "self",
"summary": "SUSE Bug 1249833",
"url": "https://bugzilla.suse.com/1249833"
},
{
"category": "self",
"summary": "SUSE Bug 1249842",
"url": "https://bugzilla.suse.com/1249842"
},
{
"category": "self",
"summary": "SUSE Bug 1249845",
"url": "https://bugzilla.suse.com/1249845"
},
{
"category": "self",
"summary": "SUSE Bug 1249849",
"url": "https://bugzilla.suse.com/1249849"
},
{
"category": "self",
"summary": "SUSE Bug 1249850",
"url": "https://bugzilla.suse.com/1249850"
},
{
"category": "self",
"summary": "SUSE Bug 1249853",
"url": "https://bugzilla.suse.com/1249853"
},
{
"category": "self",
"summary": "SUSE Bug 1249856",
"url": "https://bugzilla.suse.com/1249856"
},
{
"category": "self",
"summary": "SUSE Bug 1249861",
"url": "https://bugzilla.suse.com/1249861"
},
{
"category": "self",
"summary": "SUSE Bug 1249863",
"url": "https://bugzilla.suse.com/1249863"
},
{
"category": "self",
"summary": "SUSE Bug 1249864",
"url": "https://bugzilla.suse.com/1249864"
},
{
"category": "self",
"summary": "SUSE Bug 1249865",
"url": "https://bugzilla.suse.com/1249865"
},
{
"category": "self",
"summary": "SUSE Bug 1249866",
"url": "https://bugzilla.suse.com/1249866"
},
{
"category": "self",
"summary": "SUSE Bug 1249869",
"url": "https://bugzilla.suse.com/1249869"
},
{
"category": "self",
"summary": "SUSE Bug 1249870",
"url": "https://bugzilla.suse.com/1249870"
},
{
"category": "self",
"summary": "SUSE Bug 1249880",
"url": "https://bugzilla.suse.com/1249880"
},
{
"category": "self",
"summary": "SUSE Bug 1249883",
"url": "https://bugzilla.suse.com/1249883"
},
{
"category": "self",
"summary": "SUSE Bug 1249888",
"url": "https://bugzilla.suse.com/1249888"
},
{
"category": "self",
"summary": "SUSE Bug 1249894",
"url": "https://bugzilla.suse.com/1249894"
},
{
"category": "self",
"summary": "SUSE Bug 1249896",
"url": "https://bugzilla.suse.com/1249896"
},
{
"category": "self",
"summary": "SUSE Bug 1249897",
"url": "https://bugzilla.suse.com/1249897"
},
{
"category": "self",
"summary": "SUSE Bug 1249901",
"url": "https://bugzilla.suse.com/1249901"
},
{
"category": "self",
"summary": "SUSE Bug 1249911",
"url": "https://bugzilla.suse.com/1249911"
},
{
"category": "self",
"summary": "SUSE Bug 1249917",
"url": "https://bugzilla.suse.com/1249917"
},
{
"category": "self",
"summary": "SUSE Bug 1249919",
"url": "https://bugzilla.suse.com/1249919"
},
{
"category": "self",
"summary": "SUSE Bug 1249923",
"url": "https://bugzilla.suse.com/1249923"
},
{
"category": "self",
"summary": "SUSE Bug 1249926",
"url": "https://bugzilla.suse.com/1249926"
},
{
"category": "self",
"summary": "SUSE Bug 1249938",
"url": "https://bugzilla.suse.com/1249938"
},
{
"category": "self",
"summary": "SUSE Bug 1249949",
"url": "https://bugzilla.suse.com/1249949"
},
{
"category": "self",
"summary": "SUSE Bug 1249950",
"url": "https://bugzilla.suse.com/1249950"
},
{
"category": "self",
"summary": "SUSE Bug 1249952",
"url": "https://bugzilla.suse.com/1249952"
},
{
"category": "self",
"summary": "SUSE Bug 1249975",
"url": "https://bugzilla.suse.com/1249975"
},
{
"category": "self",
"summary": "SUSE Bug 1249979",
"url": "https://bugzilla.suse.com/1249979"
},
{
"category": "self",
"summary": "SUSE Bug 1249984",
"url": "https://bugzilla.suse.com/1249984"
},
{
"category": "self",
"summary": "SUSE Bug 1249988",
"url": "https://bugzilla.suse.com/1249988"
},
{
"category": "self",
"summary": "SUSE Bug 1249990",
"url": "https://bugzilla.suse.com/1249990"
},
{
"category": "self",
"summary": "SUSE Bug 1249993",
"url": "https://bugzilla.suse.com/1249993"
},
{
"category": "self",
"summary": "SUSE Bug 1249994",
"url": "https://bugzilla.suse.com/1249994"
},
{
"category": "self",
"summary": "SUSE Bug 1249997",
"url": "https://bugzilla.suse.com/1249997"
},
{
"category": "self",
"summary": "SUSE Bug 1250002",
"url": "https://bugzilla.suse.com/1250002"
},
{
"category": "self",
"summary": "SUSE Bug 1250004",
"url": "https://bugzilla.suse.com/1250004"
},
{
"category": "self",
"summary": "SUSE Bug 1250006",
"url": "https://bugzilla.suse.com/1250006"
},
{
"category": "self",
"summary": "SUSE Bug 1250007",
"url": "https://bugzilla.suse.com/1250007"
},
{
"category": "self",
"summary": "SUSE Bug 1250012",
"url": "https://bugzilla.suse.com/1250012"
},
{
"category": "self",
"summary": "SUSE Bug 1250022",
"url": "https://bugzilla.suse.com/1250022"
},
{
"category": "self",
"summary": "SUSE Bug 1250024",
"url": "https://bugzilla.suse.com/1250024"
},
{
"category": "self",
"summary": "SUSE Bug 1250025",
"url": "https://bugzilla.suse.com/1250025"
},
{
"category": "self",
"summary": "SUSE Bug 1250028",
"url": "https://bugzilla.suse.com/1250028"
},
{
"category": "self",
"summary": "SUSE Bug 1250029",
"url": "https://bugzilla.suse.com/1250029"
},
{
"category": "self",
"summary": "SUSE Bug 1250035",
"url": "https://bugzilla.suse.com/1250035"
},
{
"category": "self",
"summary": "SUSE Bug 1250049",
"url": "https://bugzilla.suse.com/1250049"
},
{
"category": "self",
"summary": "SUSE Bug 1250055",
"url": "https://bugzilla.suse.com/1250055"
},
{
"category": "self",
"summary": "SUSE Bug 1250057",
"url": "https://bugzilla.suse.com/1250057"
},
{
"category": "self",
"summary": "SUSE Bug 1250058",
"url": "https://bugzilla.suse.com/1250058"
},
{
"category": "self",
"summary": "SUSE Bug 1250062",
"url": "https://bugzilla.suse.com/1250062"
},
{
"category": "self",
"summary": "SUSE Bug 1250063",
"url": "https://bugzilla.suse.com/1250063"
},
{
"category": "self",
"summary": "SUSE Bug 1250065",
"url": "https://bugzilla.suse.com/1250065"
},
{
"category": "self",
"summary": "SUSE Bug 1250066",
"url": "https://bugzilla.suse.com/1250066"
},
{
"category": "self",
"summary": "SUSE Bug 1250067",
"url": "https://bugzilla.suse.com/1250067"
},
{
"category": "self",
"summary": "SUSE Bug 1250069",
"url": "https://bugzilla.suse.com/1250069"
},
{
"category": "self",
"summary": "SUSE Bug 1250070",
"url": "https://bugzilla.suse.com/1250070"
},
{
"category": "self",
"summary": "SUSE Bug 1250073",
"url": "https://bugzilla.suse.com/1250073"
},
{
"category": "self",
"summary": "SUSE Bug 1250074",
"url": "https://bugzilla.suse.com/1250074"
},
{
"category": "self",
"summary": "SUSE Bug 1250088",
"url": "https://bugzilla.suse.com/1250088"
},
{
"category": "self",
"summary": "SUSE Bug 1250089",
"url": "https://bugzilla.suse.com/1250089"
},
{
"category": "self",
"summary": "SUSE Bug 1250106",
"url": "https://bugzilla.suse.com/1250106"
},
{
"category": "self",
"summary": "SUSE Bug 1250112",
"url": "https://bugzilla.suse.com/1250112"
},
{
"category": "self",
"summary": "SUSE Bug 1250117",
"url": "https://bugzilla.suse.com/1250117"
},
{
"category": "self",
"summary": "SUSE Bug 1250120",
"url": "https://bugzilla.suse.com/1250120"
},
{
"category": "self",
"summary": "SUSE Bug 1250125",
"url": "https://bugzilla.suse.com/1250125"
},
{
"category": "self",
"summary": "SUSE Bug 1250127",
"url": "https://bugzilla.suse.com/1250127"
},
{
"category": "self",
"summary": "SUSE Bug 1250128",
"url": "https://bugzilla.suse.com/1250128"
},
{
"category": "self",
"summary": "SUSE Bug 1250145",
"url": "https://bugzilla.suse.com/1250145"
},
{
"category": "self",
"summary": "SUSE Bug 1250150",
"url": "https://bugzilla.suse.com/1250150"
},
{
"category": "self",
"summary": "SUSE Bug 1250156",
"url": "https://bugzilla.suse.com/1250156"
},
{
"category": "self",
"summary": "SUSE Bug 1250157",
"url": "https://bugzilla.suse.com/1250157"
},
{
"category": "self",
"summary": "SUSE Bug 1250161",
"url": "https://bugzilla.suse.com/1250161"
},
{
"category": "self",
"summary": "SUSE Bug 1250163",
"url": "https://bugzilla.suse.com/1250163"
},
{
"category": "self",
"summary": "SUSE Bug 1250166",
"url": "https://bugzilla.suse.com/1250166"
},
{
"category": "self",
"summary": "SUSE Bug 1250167",
"url": "https://bugzilla.suse.com/1250167"
},
{
"category": "self",
"summary": "SUSE Bug 1250169",
"url": "https://bugzilla.suse.com/1250169"
},
{
"category": "self",
"summary": "SUSE Bug 1250171",
"url": "https://bugzilla.suse.com/1250171"
},
{
"category": "self",
"summary": "SUSE Bug 1250177",
"url": "https://bugzilla.suse.com/1250177"
},
{
"category": "self",
"summary": "SUSE Bug 1250179",
"url": "https://bugzilla.suse.com/1250179"
},
{
"category": "self",
"summary": "SUSE Bug 1250180",
"url": "https://bugzilla.suse.com/1250180"
},
{
"category": "self",
"summary": "SUSE Bug 1250186",
"url": "https://bugzilla.suse.com/1250186"
},
{
"category": "self",
"summary": "SUSE Bug 1250196",
"url": "https://bugzilla.suse.com/1250196"
},
{
"category": "self",
"summary": "SUSE Bug 1250198",
"url": "https://bugzilla.suse.com/1250198"
},
{
"category": "self",
"summary": "SUSE Bug 1250199",
"url": "https://bugzilla.suse.com/1250199"
},
{
"category": "self",
"summary": "SUSE Bug 1250201",
"url": "https://bugzilla.suse.com/1250201"
},
{
"category": "self",
"summary": "SUSE Bug 1250203",
"url": "https://bugzilla.suse.com/1250203"
},
{
"category": "self",
"summary": "SUSE Bug 1250204",
"url": "https://bugzilla.suse.com/1250204"
},
{
"category": "self",
"summary": "SUSE Bug 1250205",
"url": "https://bugzilla.suse.com/1250205"
},
{
"category": "self",
"summary": "SUSE Bug 1250206",
"url": "https://bugzilla.suse.com/1250206"
},
{
"category": "self",
"summary": "SUSE Bug 1250208",
"url": "https://bugzilla.suse.com/1250208"
},
{
"category": "self",
"summary": "SUSE Bug 1250241",
"url": "https://bugzilla.suse.com/1250241"
},
{
"category": "self",
"summary": "SUSE Bug 1250242",
"url": "https://bugzilla.suse.com/1250242"
},
{
"category": "self",
"summary": "SUSE Bug 1250243",
"url": "https://bugzilla.suse.com/1250243"
},
{
"category": "self",
"summary": "SUSE Bug 1250247",
"url": "https://bugzilla.suse.com/1250247"
},
{
"category": "self",
"summary": "SUSE Bug 1250249",
"url": "https://bugzilla.suse.com/1250249"
},
{
"category": "self",
"summary": "SUSE Bug 1250251",
"url": "https://bugzilla.suse.com/1250251"
},
{
"category": "self",
"summary": "SUSE Bug 1250262",
"url": "https://bugzilla.suse.com/1250262"
},
{
"category": "self",
"summary": "SUSE Bug 1250263",
"url": "https://bugzilla.suse.com/1250263"
},
{
"category": "self",
"summary": "SUSE Bug 1250266",
"url": "https://bugzilla.suse.com/1250266"
},
{
"category": "self",
"summary": "SUSE Bug 1250267",
"url": "https://bugzilla.suse.com/1250267"
},
{
"category": "self",
"summary": "SUSE Bug 1250268",
"url": "https://bugzilla.suse.com/1250268"
},
{
"category": "self",
"summary": "SUSE Bug 1250275",
"url": "https://bugzilla.suse.com/1250275"
},
{
"category": "self",
"summary": "SUSE Bug 1250276",
"url": "https://bugzilla.suse.com/1250276"
},
{
"category": "self",
"summary": "SUSE Bug 1250281",
"url": "https://bugzilla.suse.com/1250281"
},
{
"category": "self",
"summary": "SUSE Bug 1250290",
"url": "https://bugzilla.suse.com/1250290"
},
{
"category": "self",
"summary": "SUSE Bug 1250291",
"url": "https://bugzilla.suse.com/1250291"
},
{
"category": "self",
"summary": "SUSE Bug 1250292",
"url": "https://bugzilla.suse.com/1250292"
},
{
"category": "self",
"summary": "SUSE Bug 1250294",
"url": "https://bugzilla.suse.com/1250294"
},
{
"category": "self",
"summary": "SUSE Bug 1250297",
"url": "https://bugzilla.suse.com/1250297"
},
{
"category": "self",
"summary": "SUSE Bug 1250298",
"url": "https://bugzilla.suse.com/1250298"
},
{
"category": "self",
"summary": "SUSE Bug 1250313",
"url": "https://bugzilla.suse.com/1250313"
},
{
"category": "self",
"summary": "SUSE Bug 1250319",
"url": "https://bugzilla.suse.com/1250319"
},
{
"category": "self",
"summary": "SUSE Bug 1250323",
"url": "https://bugzilla.suse.com/1250323"
},
{
"category": "self",
"summary": "SUSE Bug 1250325",
"url": "https://bugzilla.suse.com/1250325"
},
{
"category": "self",
"summary": "SUSE Bug 1250329",
"url": "https://bugzilla.suse.com/1250329"
},
{
"category": "self",
"summary": "SUSE Bug 1250336",
"url": "https://bugzilla.suse.com/1250336"
},
{
"category": "self",
"summary": "SUSE Bug 1250337",
"url": "https://bugzilla.suse.com/1250337"
},
{
"category": "self",
"summary": "SUSE Bug 1250344",
"url": "https://bugzilla.suse.com/1250344"
},
{
"category": "self",
"summary": "SUSE Bug 1250358",
"url": "https://bugzilla.suse.com/1250358"
},
{
"category": "self",
"summary": "SUSE Bug 1250365",
"url": "https://bugzilla.suse.com/1250365"
},
{
"category": "self",
"summary": "SUSE Bug 1250371",
"url": "https://bugzilla.suse.com/1250371"
},
{
"category": "self",
"summary": "SUSE Bug 1250377",
"url": "https://bugzilla.suse.com/1250377"
},
{
"category": "self",
"summary": "SUSE Bug 1250384",
"url": "https://bugzilla.suse.com/1250384"
},
{
"category": "self",
"summary": "SUSE Bug 1250389",
"url": "https://bugzilla.suse.com/1250389"
},
{
"category": "self",
"summary": "SUSE Bug 1250395",
"url": "https://bugzilla.suse.com/1250395"
},
{
"category": "self",
"summary": "SUSE Bug 1250397",
"url": "https://bugzilla.suse.com/1250397"
},
{
"category": "self",
"summary": "SUSE Bug 1250402",
"url": "https://bugzilla.suse.com/1250402"
},
{
"category": "self",
"summary": "SUSE Bug 1250406",
"url": "https://bugzilla.suse.com/1250406"
},
{
"category": "self",
"summary": "SUSE Bug 1250407",
"url": "https://bugzilla.suse.com/1250407"
},
{
"category": "self",
"summary": "SUSE Bug 1250426",
"url": "https://bugzilla.suse.com/1250426"
},
{
"category": "self",
"summary": "SUSE Bug 1250450",
"url": "https://bugzilla.suse.com/1250450"
},
{
"category": "self",
"summary": "SUSE Bug 1250459",
"url": "https://bugzilla.suse.com/1250459"
},
{
"category": "self",
"summary": "SUSE Bug 1250519",
"url": "https://bugzilla.suse.com/1250519"
},
{
"category": "self",
"summary": "SUSE Bug 1250522",
"url": "https://bugzilla.suse.com/1250522"
},
{
"category": "self",
"summary": "SUSE Bug 1250530",
"url": "https://bugzilla.suse.com/1250530"
},
{
"category": "self",
"summary": "SUSE Bug 1250655",
"url": "https://bugzilla.suse.com/1250655"
},
{
"category": "self",
"summary": "SUSE Bug 1250712",
"url": "https://bugzilla.suse.com/1250712"
},
{
"category": "self",
"summary": "SUSE Bug 1250713",
"url": "https://bugzilla.suse.com/1250713"
},
{
"category": "self",
"summary": "SUSE Bug 1250732",
"url": "https://bugzilla.suse.com/1250732"
},
{
"category": "self",
"summary": "SUSE Bug 1250736",
"url": "https://bugzilla.suse.com/1250736"
},
{
"category": "self",
"summary": "SUSE Bug 1250741",
"url": "https://bugzilla.suse.com/1250741"
},
{
"category": "self",
"summary": "SUSE Bug 1250759",
"url": "https://bugzilla.suse.com/1250759"
},
{
"category": "self",
"summary": "SUSE Bug 1250763",
"url": "https://bugzilla.suse.com/1250763"
},
{
"category": "self",
"summary": "SUSE Bug 1250765",
"url": "https://bugzilla.suse.com/1250765"
},
{
"category": "self",
"summary": "SUSE Bug 1250807",
"url": "https://bugzilla.suse.com/1250807"
},
{
"category": "self",
"summary": "SUSE Bug 1250808",
"url": "https://bugzilla.suse.com/1250808"
},
{
"category": "self",
"summary": "SUSE Bug 1250809",
"url": "https://bugzilla.suse.com/1250809"
},
{
"category": "self",
"summary": "SUSE Bug 1250812",
"url": "https://bugzilla.suse.com/1250812"
},
{
"category": "self",
"summary": "SUSE Bug 1250813",
"url": "https://bugzilla.suse.com/1250813"
},
{
"category": "self",
"summary": "SUSE Bug 1250815",
"url": "https://bugzilla.suse.com/1250815"
},
{
"category": "self",
"summary": "SUSE Bug 1250816",
"url": "https://bugzilla.suse.com/1250816"
},
{
"category": "self",
"summary": "SUSE Bug 1250820",
"url": "https://bugzilla.suse.com/1250820"
},
{
"category": "self",
"summary": "SUSE Bug 1250823",
"url": "https://bugzilla.suse.com/1250823"
},
{
"category": "self",
"summary": "SUSE Bug 1250825",
"url": "https://bugzilla.suse.com/1250825"
},
{
"category": "self",
"summary": "SUSE Bug 1250827",
"url": "https://bugzilla.suse.com/1250827"
},
{
"category": "self",
"summary": "SUSE Bug 1250830",
"url": "https://bugzilla.suse.com/1250830"
},
{
"category": "self",
"summary": "SUSE Bug 1250831",
"url": "https://bugzilla.suse.com/1250831"
},
{
"category": "self",
"summary": "SUSE Bug 1250837",
"url": "https://bugzilla.suse.com/1250837"
},
{
"category": "self",
"summary": "SUSE Bug 1250841",
"url": "https://bugzilla.suse.com/1250841"
},
{
"category": "self",
"summary": "SUSE Bug 1250861",
"url": "https://bugzilla.suse.com/1250861"
},
{
"category": "self",
"summary": "SUSE Bug 1250863",
"url": "https://bugzilla.suse.com/1250863"
},
{
"category": "self",
"summary": "SUSE Bug 1250867",
"url": "https://bugzilla.suse.com/1250867"
},
{
"category": "self",
"summary": "SUSE Bug 1250872",
"url": "https://bugzilla.suse.com/1250872"
},
{
"category": "self",
"summary": "SUSE Bug 1250873",
"url": "https://bugzilla.suse.com/1250873"
},
{
"category": "self",
"summary": "SUSE Bug 1250878",
"url": "https://bugzilla.suse.com/1250878"
},
{
"category": "self",
"summary": "SUSE Bug 1250905",
"url": "https://bugzilla.suse.com/1250905"
},
{
"category": "self",
"summary": "SUSE Bug 1250907",
"url": "https://bugzilla.suse.com/1250907"
},
{
"category": "self",
"summary": "SUSE Bug 1250917",
"url": "https://bugzilla.suse.com/1250917"
},
{
"category": "self",
"summary": "SUSE Bug 1250918",
"url": "https://bugzilla.suse.com/1250918"
},
{
"category": "self",
"summary": "SUSE Bug 1250923",
"url": "https://bugzilla.suse.com/1250923"
},
{
"category": "self",
"summary": "SUSE Bug 1250926",
"url": "https://bugzilla.suse.com/1250926"
},
{
"category": "self",
"summary": "SUSE Bug 1250928",
"url": "https://bugzilla.suse.com/1250928"
},
{
"category": "self",
"summary": "SUSE Bug 1250929",
"url": "https://bugzilla.suse.com/1250929"
},
{
"category": "self",
"summary": "SUSE Bug 1250930",
"url": "https://bugzilla.suse.com/1250930"
},
{
"category": "self",
"summary": "SUSE Bug 1250931",
"url": "https://bugzilla.suse.com/1250931"
},
{
"category": "self",
"summary": "SUSE Bug 1250941",
"url": "https://bugzilla.suse.com/1250941"
},
{
"category": "self",
"summary": "SUSE Bug 1250942",
"url": "https://bugzilla.suse.com/1250942"
},
{
"category": "self",
"summary": "SUSE Bug 1250949",
"url": "https://bugzilla.suse.com/1250949"
},
{
"category": "self",
"summary": "SUSE Bug 1250952",
"url": "https://bugzilla.suse.com/1250952"
},
{
"category": "self",
"summary": "SUSE Bug 1250957",
"url": "https://bugzilla.suse.com/1250957"
},
{
"category": "self",
"summary": "SUSE Bug 1250964",
"url": "https://bugzilla.suse.com/1250964"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-31248 page",
"url": "https://www.suse.com/security/cve/CVE-2023-31248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3772 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39197 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-42753 page",
"url": "https://www.suse.com/security/cve/CVE-2023-42753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53147 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53148 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53150 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53151 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53152 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53165 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53167 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53170 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53174 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53175 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53177 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53179 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53180 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53181 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53183 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53184 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53185 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53187 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53189 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53192 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53195 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53196 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53201 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53204 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53205 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53206 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53207 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53208 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53209 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53210 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53215 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53220 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53221 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53222 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53226 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53230 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53231 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53235 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53238 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53243 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53245 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53247 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53248 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53249 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53251 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53252 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53255 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53257 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53258 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53260 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53260/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53261 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53263 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53264 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53272 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53274 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53275 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53275/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53280 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53286 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53286/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53287 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53291 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53292 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53292/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53303 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53304 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53305 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53309 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53309/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53311 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53312 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53313 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53313/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53314 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53316 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53316/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53319 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53321 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53322 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53322/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53323 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53324 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53325 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53328 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53331 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53333 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53336 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53336/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53338 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53339 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53342 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53342/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53343 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53350 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53352 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53354 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53356 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53357 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53360 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53362 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53364 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53365 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53367 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53368 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53369 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53370 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53371 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53374 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53377 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53379 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53380 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53384 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53385 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53386 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53391 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53394 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53394/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53395 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53397 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53401 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53420 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53421 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53424 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53425 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53426 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53428 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53428/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53429 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53432 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53436 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53438 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53441 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53442 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53444 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53446 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53447 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53448 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53451 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53454 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53456 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53457 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53457/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53461 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53462 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53463 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53465 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53472 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53479 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53480 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53485 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53487 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53488 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53490 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53491 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53492 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53493 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53495 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53496 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53500 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53501 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53504 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53505 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53507 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53508 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53510 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53516 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53518 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53519 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53520 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53523 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53526 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53527 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53528 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26584 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58090 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58240 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38234 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38255 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38351 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38402 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38408 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38418 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38419 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38456 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38466 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38488 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38514 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38526 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38527 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38533 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38556 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38574 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38584 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38590 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38593 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38595 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38614 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38622 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38623 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38643 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38645 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38660 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38664 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38676 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38679 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38680 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38685 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38687 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38691 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38692 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38694 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38695 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38697 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38698 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38709 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38712 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38712/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38713 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38715 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38721 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38722 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38730 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39675 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39677 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39677/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39679 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39685 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39686 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39691 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39694 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39709 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39710 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39713 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39719 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39721 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39730 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39746 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39751 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39757 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39783 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39801 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39808 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39826 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39827 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39845 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39860 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39863 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39882 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39907 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39920 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40300 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40300/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-10-17T14:32:52Z",
"generator": {
"date": "2025-10-17T14:32:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03634-1",
"initial_release_date": "2025-10-17T14:32:52Z",
"revision_history": [
{
"date": "2025-10-17T14:32:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "kernel-azure-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"product_id": "kernel-devel-azure-6.4.0-150600.8.52.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"product_id": "kernel-source-azure-6.4.0-150600.8.52.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "kernel-azure-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.52.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.52.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.52.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.52.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.52.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.52.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-31248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-31248"
}
],
"notes": [
{
"category": "general",
"text": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-31248",
"url": "https://www.suse.com/security/cve/CVE-2023-31248"
},
{
"category": "external",
"summary": "SUSE Bug 1213061 for CVE-2023-31248",
"url": "https://bugzilla.suse.com/1213061"
},
{
"category": "external",
"summary": "SUSE Bug 1213064 for CVE-2023-31248",
"url": "https://bugzilla.suse.com/1213064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-31248"
},
{
"cve": "CVE-2023-3772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3772"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3772",
"url": "https://www.suse.com/security/cve/CVE-2023-3772"
},
{
"category": "external",
"summary": "SUSE Bug 1213666 for CVE-2023-3772",
"url": "https://bugzilla.suse.com/1213666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-3772"
},
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-39197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39197"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39197",
"url": "https://www.suse.com/security/cve/CVE-2023-39197"
},
{
"category": "external",
"summary": "SUSE Bug 1216976 for CVE-2023-39197",
"url": "https://bugzilla.suse.com/1216976"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-39197",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-39197"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-42753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-42753"
}
],
"notes": [
{
"category": "general",
"text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-42753",
"url": "https://www.suse.com/security/cve/CVE-2023-42753"
},
{
"category": "external",
"summary": "SUSE Bug 1215150 for CVE-2023-42753",
"url": "https://bugzilla.suse.com/1215150"
},
{
"category": "external",
"summary": "SUSE Bug 1218613 for CVE-2023-42753",
"url": "https://bugzilla.suse.com/1218613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-42753"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2023-53147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: add NULL check in xfrm_update_ae_params\n\nNormally, x-\u003ereplay_esn and x-\u003epreplay_esn should be allocated at\nxfrm_alloc_replay_state_esn(...) in xfrm_state_construct(...), hence the\nxfrm_update_ae_params(...) is okay to update them. However, the current\nimplementation of xfrm_new_ae(...) allows a malicious user to directly\ndereference a NULL pointer and crash the kernel like below.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 8253067 P4D 8253067 PUD 8e0e067 PMD 0\nOops: 0002 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 PID: 98 Comm: poc.npd Not tainted 6.4.0-rc7-00072-gdad9774deaf1 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.o4\nRIP: 0010:memcpy_orig+0xad/0x140\nCode: e8 4c 89 5f e0 48 8d 7f e0 73 d2 83 c2 20 48 29 d6 48 29 d7 83 fa 10 72 34 4c 8b 06 4c 8b 4e 08 c\nRSP: 0018:ffff888008f57658 EFLAGS: 00000202\nRAX: 0000000000000000 RBX: ffff888008bd0000 RCX: ffffffff8238e571\nRDX: 0000000000000018 RSI: ffff888007f64844 RDI: 0000000000000000\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffff888008f57818\nR13: ffff888007f64aa4 R14: 0000000000000000 R15: 0000000000000000\nFS: 00000000014013c0(0000) GS:ffff88806d600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 00000000054d8000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x70\n ? page_fault_oops+0x1e8/0x500\n ? __pfx_is_prefetch.constprop.0+0x10/0x10\n ? __pfx_page_fault_oops+0x10/0x10\n ? _raw_spin_unlock_irqrestore+0x11/0x40\n ? fixup_exception+0x36/0x460\n ? _raw_spin_unlock_irqrestore+0x11/0x40\n ? exc_page_fault+0x5e/0xc0\n ? asm_exc_page_fault+0x26/0x30\n ? xfrm_update_ae_params+0xd1/0x260\n ? memcpy_orig+0xad/0x140\n ? __pfx__raw_spin_lock_bh+0x10/0x10\n xfrm_update_ae_params+0xe7/0x260\n xfrm_new_ae+0x298/0x4e0\n ? __pfx_xfrm_new_ae+0x10/0x10\n ? __pfx_xfrm_new_ae+0x10/0x10\n xfrm_user_rcv_msg+0x25a/0x410\n ? __pfx_xfrm_user_rcv_msg+0x10/0x10\n ? __alloc_skb+0xcf/0x210\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1c/0x70\n ? __stack_depot_save+0x39/0x4e0\n ? __kasan_slab_free+0x10a/0x190\n ? kmem_cache_free+0x9c/0x340\n ? netlink_recvmsg+0x23c/0x660\n ? sock_recvmsg+0xeb/0xf0\n ? __sys_recvfrom+0x13c/0x1f0\n ? __x64_sys_recvfrom+0x71/0x90\n ? do_syscall_64+0x3f/0x90\n ? entry_SYSCALL_64_after_hwframe+0x72/0xdc\n ? copyout+0x3e/0x50\n netlink_rcv_skb+0xd6/0x210\n ? __pfx_xfrm_user_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? __pfx_sock_has_perm+0x10/0x10\n ? mutex_lock+0x8d/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n xfrm_netlink_rcv+0x44/0x50\n netlink_unicast+0x36f/0x4c0\n ? __pfx_netlink_unicast+0x10/0x10\n ? netlink_recvmsg+0x500/0x660\n netlink_sendmsg+0x3b7/0x700\n\nThis Null-ptr-deref bug is assigned CVE-2023-3772. And this commit\nadds additional NULL check in xfrm_update_ae_params to fix the NPD.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53147",
"url": "https://www.suse.com/security/cve/CVE-2023-53147"
},
{
"category": "external",
"summary": "SUSE Bug 1249880 for CVE-2023-53147",
"url": "https://bugzilla.suse.com/1249880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53147"
},
{
"cve": "CVE-2023-53148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix igb_down hung on surprise removal\n\nIn a setup where a Thunderbolt hub connects to Ethernet and a display\nthrough USB Type-C, users may experience a hung task timeout when they\nremove the cable between the PC and the Thunderbolt hub.\nThis is because the igb_down function is called multiple times when\nthe Thunderbolt hub is unplugged. For example, the igb_io_error_detected\ntriggers the first call, and the igb_remove triggers the second call.\nThe second call to igb_down will block at napi_synchronize.\nHere\u0027s the call trace:\n __schedule+0x3b0/0xddb\n ? __mod_timer+0x164/0x5d3\n schedule+0x44/0xa8\n schedule_timeout+0xb2/0x2a4\n ? run_local_timers+0x4e/0x4e\n msleep+0x31/0x38\n igb_down+0x12c/0x22a [igb 6615058754948bfde0bf01429257eb59f13030d4]\n __igb_close+0x6f/0x9c [igb 6615058754948bfde0bf01429257eb59f13030d4]\n igb_close+0x23/0x2b [igb 6615058754948bfde0bf01429257eb59f13030d4]\n __dev_close_many+0x95/0xec\n dev_close_many+0x6e/0x103\n unregister_netdevice_many+0x105/0x5b1\n unregister_netdevice_queue+0xc2/0x10d\n unregister_netdev+0x1c/0x23\n igb_remove+0xa7/0x11c [igb 6615058754948bfde0bf01429257eb59f13030d4]\n pci_device_remove+0x3f/0x9c\n device_release_driver_internal+0xfe/0x1b4\n pci_stop_bus_device+0x5b/0x7f\n pci_stop_bus_device+0x30/0x7f\n pci_stop_bus_device+0x30/0x7f\n pci_stop_and_remove_bus_device+0x12/0x19\n pciehp_unconfigure_device+0x76/0xe9\n pciehp_disable_slot+0x6e/0x131\n pciehp_handle_presence_or_link_change+0x7a/0x3f7\n pciehp_ist+0xbe/0x194\n irq_thread_fn+0x22/0x4d\n ? irq_thread+0x1fd/0x1fd\n irq_thread+0x17b/0x1fd\n ? irq_forced_thread_fn+0x5f/0x5f\n kthread+0x142/0x153\n ? __irq_get_irqchip_state+0x46/0x46\n ? kthread_associate_blkcg+0x71/0x71\n ret_from_fork+0x1f/0x30\n\nIn this case, igb_io_error_detected detaches the network interface\nand requests a PCIE slot reset, however, the PCIE reset callback is\nnot being invoked and thus the Ethernet connection breaks down.\nAs the PCIE error in this case is a non-fatal one, requesting a\nslot reset can be avoided.\nThis patch fixes the task hung issue and preserves Ethernet\nconnection by ignoring non-fatal PCIE errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53148",
"url": "https://www.suse.com/security/cve/CVE-2023-53148"
},
{
"category": "external",
"summary": "SUSE Bug 1249842 for CVE-2023-53148",
"url": "https://bugzilla.suse.com/1249842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53148"
},
{
"cve": "CVE-2023-53150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Pointer may be dereferenced\n\nKlocwork tool reported pointer \u0027rport\u0027 returned from call to function\nfc_bsg_to_rport() may be NULL and will be dereferenced.\n\nAdd a fix to validate rport before dereferencing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53150",
"url": "https://www.suse.com/security/cve/CVE-2023-53150"
},
{
"category": "external",
"summary": "SUSE Bug 1249853 for CVE-2023-53150",
"url": "https://bugzilla.suse.com/1249853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53150"
},
{
"cve": "CVE-2023-53151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: prevent soft lockup while flush writes\n\nCurrently, there is no limit for raid1/raid10 plugged bio. While flushing\nwrites, raid1 has cond_resched() while raid10 doesn\u0027t, and too many\nwrites can cause soft lockup.\n\nFollow up soft lockup can be triggered easily with writeback test for\nraid10 with ramdisks:\n\nwatchdog: BUG: soft lockup - CPU#10 stuck for 27s! [md0_raid10:1293]\nCall Trace:\n \u003cTASK\u003e\n call_rcu+0x16/0x20\n put_object+0x41/0x80\n __delete_object+0x50/0x90\n delete_object_full+0x2b/0x40\n kmemleak_free+0x46/0xa0\n slab_free_freelist_hook.constprop.0+0xed/0x1a0\n kmem_cache_free+0xfd/0x300\n mempool_free_slab+0x1f/0x30\n mempool_free+0x3a/0x100\n bio_free+0x59/0x80\n bio_put+0xcf/0x2c0\n free_r10bio+0xbf/0xf0\n raid_end_bio_io+0x78/0xb0\n one_write_done+0x8a/0xa0\n raid10_end_write_request+0x1b4/0x430\n bio_endio+0x175/0x320\n brd_submit_bio+0x3b9/0x9b7 [brd]\n __submit_bio+0x69/0xe0\n submit_bio_noacct_nocheck+0x1e6/0x5a0\n submit_bio_noacct+0x38c/0x7e0\n flush_pending_writes+0xf0/0x240\n raid10d+0xac/0x1ed0\n\nFix the problem by adding cond_resched() to raid10 like what raid1 did.\n\nNote that unlimited plugged bio still need to be optimized, for example,\nin the case of lots of dirty pages writeback, this will take lots of\nmemory and io will spend a long time in plug, hence io latency is bad.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53151",
"url": "https://www.suse.com/security/cve/CVE-2023-53151"
},
{
"category": "external",
"summary": "SUSE Bug 1249865 for CVE-2023-53151",
"url": "https://bugzilla.suse.com/1249865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53151"
},
{
"cve": "CVE-2023-53152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix calltrace warning in amddrm_buddy_fini\n\nThe following call trace is observed when removing the amdgpu driver, which\nis caused by that BOs allocated for psp are not freed until removing.\n\n[61811.450562] RIP: 0010:amddrm_buddy_fini.cold+0x29/0x47 [amddrm_buddy]\n[61811.450577] Call Trace:\n[61811.450577] \u003cTASK\u003e\n[61811.450579] amdgpu_vram_mgr_fini+0x135/0x1c0 [amdgpu]\n[61811.450728] amdgpu_ttm_fini+0x207/0x290 [amdgpu]\n[61811.450870] amdgpu_bo_fini+0x27/0xa0 [amdgpu]\n[61811.451012] gmc_v9_0_sw_fini+0x4a/0x60 [amdgpu]\n[61811.451166] amdgpu_device_fini_sw+0x117/0x520 [amdgpu]\n[61811.451306] amdgpu_driver_release_kms+0x16/0x30 [amdgpu]\n[61811.451447] devm_drm_dev_init_release+0x4d/0x80 [drm]\n[61811.451466] devm_action_release+0x15/0x20\n[61811.451469] release_nodes+0x40/0xb0\n[61811.451471] devres_release_all+0x9b/0xd0\n[61811.451473] __device_release_driver+0x1bb/0x2a0\n[61811.451476] driver_detach+0xf3/0x140\n[61811.451479] bus_remove_driver+0x6c/0xf0\n[61811.451481] driver_unregister+0x31/0x60\n[61811.451483] pci_unregister_driver+0x40/0x90\n[61811.451486] amdgpu_exit+0x15/0x447 [amdgpu]\n\nFor smu v13_0_2, if the GPU supports xgmi, refer to\n\ncommit f5c7e7797060 (\"drm/amdgpu: Adjust removal control flow for smu v13_0_2\"),\n\nit will run gpu recover in AMDGPU_RESET_FOR_DEVICE_REMOVE mode when removing,\nwhich makes all devices in hive list have hw reset but no resume except the\nbasic ip blocks, then other ip blocks will not call .hw_fini according to\nip_block.status.hw.\n\nSince psp_free_shared_bufs just includes some software operations, so move\nit to psp_sw_fini.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53152",
"url": "https://www.suse.com/security/cve/CVE-2023-53152"
},
{
"category": "external",
"summary": "SUSE Bug 1249883 for CVE-2023-53152",
"url": "https://bugzilla.suse.com/1249883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53152"
},
{
"cve": "CVE-2023-53165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix uninitialized array access for some pathnames\n\nFor filenames that begin with . and are between 2 and 5 characters long,\nUDF charset conversion code would read uninitialized memory in the\noutput buffer. The only practical impact is that the name may be prepended a\n\"unification hash\" when it is not actually needed but still it is good\nto fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53165",
"url": "https://www.suse.com/security/cve/CVE-2023-53165"
},
{
"category": "external",
"summary": "SUSE Bug 1250395 for CVE-2023-53165",
"url": "https://bugzilla.suse.com/1250395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53165"
},
{
"cve": "CVE-2023-53167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix null pointer dereference in tracing_err_log_open()\n\nFix an issue in function \u0027tracing_err_log_open\u0027.\nThe function doesn\u0027t call \u0027seq_open\u0027 if the file is opened only with\nwrite permissions, which results in \u0027file-\u003eprivate_data\u0027 being left as null.\nIf we then use \u0027lseek\u0027 on that opened file, \u0027seq_lseek\u0027 dereferences\n\u0027file-\u003eprivate_data\u0027 in \u0027mutex_lock(\u0026m-\u003elock)\u0027, resulting in a kernel panic.\nWriting to this node requires root privileges, therefore this bug\nhas very little security impact.\n\nTracefs node: /sys/kernel/tracing/error_log\n\nExample Kernel panic:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\nCall trace:\n mutex_lock+0x30/0x110\n seq_lseek+0x34/0xb8\n __arm64_sys_lseek+0x6c/0xb8\n invoke_syscall+0x58/0x13c\n el0_svc_common+0xc4/0x10c\n do_el0_svc+0x24/0x98\n el0_svc+0x24/0x88\n el0t_64_sync_handler+0x84/0xe4\n el0t_64_sync+0x1b4/0x1b8\nCode: d503201f aa0803e0 aa1f03e1 aa0103e9 (c8e97d02)\n---[ end trace 561d1b49c12cf8a5 ]---\nKernel panic - not syncing: Oops: Fatal exception",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53167",
"url": "https://www.suse.com/security/cve/CVE-2023-53167"
},
{
"category": "external",
"summary": "SUSE Bug 1249712 for CVE-2023-53167",
"url": "https://bugzilla.suse.com/1249712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53167"
},
{
"cve": "CVE-2023-53170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53170"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: Removed unneeded of_node_put in felix_parse_ports_node\n\nRemove unnecessary of_node_put from the continue path to prevent\nchild node from being released twice, which could avoid resource\nleak or other unexpected issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53170",
"url": "https://www.suse.com/security/cve/CVE-2023-53170"
},
{
"category": "external",
"summary": "SUSE Bug 1249850 for CVE-2023-53170",
"url": "https://bugzilla.suse.com/1249850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53170"
},
{
"cve": "CVE-2023-53174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53174"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix possible memory leak if device_add() fails\n\nIf device_add() returns error, the name allocated by dev_set_name() needs\nbe freed. As the comment of device_add() says, put_device() should be used\nto decrease the reference count in the error path. So fix this by calling\nput_device(), then the name can be freed in kobject_cleanp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53174",
"url": "https://www.suse.com/security/cve/CVE-2023-53174"
},
{
"category": "external",
"summary": "SUSE Bug 1250024 for CVE-2023-53174",
"url": "https://bugzilla.suse.com/1250024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53174"
},
{
"cve": "CVE-2023-53175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53175"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: hv: Fix a crash in hv_pci_restore_msi_msg() during hibernation\n\nWhen a Linux VM with an assigned PCI device runs on Hyper-V, if the PCI\ndevice driver is not loaded yet (i.e. MSI-X/MSI is not enabled on the\ndevice yet), doing a VM hibernation triggers a panic in\nhv_pci_restore_msi_msg() -\u003e msi_lock_descs(\u0026pdev-\u003edev), because\npdev-\u003edev.msi.data is still NULL.\n\nAvoid the panic by checking if MSI-X/MSI is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53175",
"url": "https://www.suse.com/security/cve/CVE-2023-53175"
},
{
"category": "external",
"summary": "SUSE Bug 1249845 for CVE-2023-53175",
"url": "https://bugzilla.suse.com/1249845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53175"
},
{
"cve": "CVE-2023-53177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: hi846: fix usage of pm_runtime_get_if_in_use()\n\npm_runtime_get_if_in_use() does not only return nonzero values when\nthe device is in use, it can return a negative errno too.\n\nAnd especially during resuming from system suspend, when runtime pm\nis not yet up again, -EAGAIN is being returned, so the subsequent\npm_runtime_put() call results in a refcount underflow.\n\nFix system-resume by handling -EAGAIN of pm_runtime_get_if_in_use().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53177",
"url": "https://www.suse.com/security/cve/CVE-2023-53177"
},
{
"category": "external",
"summary": "SUSE Bug 1249849 for CVE-2023-53177",
"url": "https://bugzilla.suse.com/1249849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53177"
},
{
"cve": "CVE-2023-53179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c\n\nThe missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can\nlead to the use of wrong `CIDR_POS(c)` for calculating array offsets,\nwhich can lead to integer underflow. As a result, it leads to slab\nout-of-bound access.\nThis patch adds back the IP_SET_HASH_WITH_NET0 macro to\nip_set_hash_netportnet to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53179",
"url": "https://www.suse.com/security/cve/CVE-2023-53179"
},
{
"category": "external",
"summary": "SUSE Bug 1249825 for CVE-2023-53179",
"url": "https://bugzilla.suse.com/1249825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53179"
},
{
"cve": "CVE-2023-53180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53180"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid NULL pointer access during management transmit cleanup\n\nCurrently \u0027ar\u0027 reference is not added in skb_cb.\nThough this is generally not used during transmit completion\ncallbacks, on interface removal the remaining idr cleanup callback\nuses the ar pointer from skb_cb from management txmgmt_idr. Hence fill them\nduring transmit call for proper usage to avoid NULL pointer dereference.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53180",
"url": "https://www.suse.com/security/cve/CVE-2023-53180"
},
{
"category": "external",
"summary": "SUSE Bug 1249826 for CVE-2023-53180",
"url": "https://bugzilla.suse.com/1249826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53180"
},
{
"cve": "CVE-2023-53181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/dma-resv: Stop leaking on krealloc() failure\n\nCurrently dma_resv_get_fences() will leak the previously\nallocated array if the fence iteration got restarted and\nthe krealloc_array() fails.\n\nFree the old array by hand, and make sure we still clear\nthe returned *fences so the caller won\u0027t end up accessing\nfreed memory. Some (but not all) of the callers of\ndma_resv_get_fences() seem to still trawl through the\narray even when dma_resv_get_fences() failed. And let\u0027s\nzero out *num_fences as well for good measure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53181",
"url": "https://www.suse.com/security/cve/CVE-2023-53181"
},
{
"category": "external",
"summary": "SUSE Bug 1249824 for CVE-2023-53181",
"url": "https://bugzilla.suse.com/1249824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53181"
},
{
"cve": "CVE-2023-53183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: exit gracefully if reloc roots don\u0027t match\n\n[BUG]\nSyzbot reported a crash that an ASSERT() got triggered inside\nprepare_to_merge().\n\n[CAUSE]\nThe root cause of the triggered ASSERT() is we can have a race between\nquota tree creation and relocation.\n\nThis leads us to create a duplicated quota tree in the\nbtrfs_read_fs_root() path, and since it\u0027s treated as fs tree, it would\nhave ROOT_SHAREABLE flag, causing us to create a reloc tree for it.\n\nThe bug itself is fixed by a dedicated patch for it, but this already\ntaught us the ASSERT() is not something straightforward for\ndevelopers.\n\n[ENHANCEMENT]\nInstead of using an ASSERT(), let\u0027s handle it gracefully and output\nextra info about the mismatch reloc roots to help debug.\n\nAlso with the above ASSERT() removed, we can trigger ASSERT(0)s inside\nmerge_reloc_roots() later.\nAlso replace those ASSERT(0)s with WARN_ON()s.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53183",
"url": "https://www.suse.com/security/cve/CVE-2023-53183"
},
{
"category": "external",
"summary": "SUSE Bug 1249863 for CVE-2023-53183",
"url": "https://bugzilla.suse.com/1249863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53183"
},
{
"cve": "CVE-2023-53184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/sme: Set new vector length before reallocating\n\nAs part of fixing the allocation of the buffer for SVE state when changing\nSME vector length we introduced an immediate reallocation of the SVE state,\nthis is also done when changing the SVE vector length for consistency.\nUnfortunately this reallocation is done prior to writing the new vector\nlength to the task struct, meaning the allocation is done with the old\nvector length and can lead to memory corruption due to an undersized buffer\nbeing used.\n\nMove the update of the vector length before the allocation to ensure that\nthe new vector length is taken into account.\n\nFor some reason this isn\u0027t triggering any problems when running tests on\nthe arm64 fixes branch (even after repeated tries) but is triggering\nissues very often after merge into mainline.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53184",
"url": "https://www.suse.com/security/cve/CVE-2023-53184"
},
{
"category": "external",
"summary": "SUSE Bug 1249823 for CVE-2023-53184",
"url": "https://bugzilla.suse.com/1249823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53184"
},
{
"cve": "CVE-2023-53185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: don\u0027t allow to overwrite ENDPOINT0 attributes\n\nA bad USB device is able to construct a service connection response\nmessage with target endpoint being ENDPOINT0 which is reserved for\nHTC_CTRL_RSVD_SVC and should not be modified to be used for any other\nservices.\n\nReject such service connection responses.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53185",
"url": "https://www.suse.com/security/cve/CVE-2023-53185"
},
{
"category": "external",
"summary": "SUSE Bug 1249820 for CVE-2023-53185",
"url": "https://bugzilla.suse.com/1249820"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53185"
},
{
"cve": "CVE-2023-53187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free of new block group that became unused\n\nIf a task creates a new block group and that block group becomes unused\nbefore we finish its creation, at btrfs_create_pending_block_groups(),\nthen when btrfs_mark_bg_unused() is called against the block group, we\nassume that the block group is currently in the list of block groups to\nreclaim, and we move it out of the list of new block groups and into the\nlist of unused block groups. This has two consequences:\n\n1) We move it out of the list of new block groups associated to the\n current transaction. So the block group creation is not finished and\n if we attempt to delete the bg because it\u0027s unused, we will not find\n the block group item in the extent tree (or the new block group tree),\n its device extent items in the device tree etc, resulting in the\n deletion to fail due to the missing items;\n\n2) We don\u0027t increment the reference count on the block group when we\n move it to the list of unused block groups, because we assumed the\n block group was on the list of block groups to reclaim, and in that\n case it already has the correct reference count. However the block\n group was on the list of new block groups, in which case no extra\n reference was taken because it\u0027s local to the current task. This\n later results in doing an extra reference count decrement when\n removing the block group from the unused list, eventually leading the\n reference count to 0.\n\nThis second case was caught when running generic/297 from fstests, which\nproduced the following assertion failure and stack trace:\n\n [589.559] assertion failed: refcount_read(\u0026block_group-\u003erefs) == 1, in fs/btrfs/block-group.c:4299\n [589.559] ------------[ cut here ]------------\n [589.559] kernel BUG at fs/btrfs/block-group.c:4299!\n [589.560] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n [589.560] CPU: 8 PID: 2819134 Comm: umount Tainted: G W 6.4.0-rc6-btrfs-next-134+ #1\n [589.560] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [589.560] RIP: 0010:btrfs_free_block_groups+0x449/0x4a0 [btrfs]\n [589.561] Code: 68 62 da c0 (...)\n [589.561] RSP: 0018:ffffa55a8c3b3d98 EFLAGS: 00010246\n [589.561] RAX: 0000000000000058 RBX: ffff8f030d7f2000 RCX: 0000000000000000\n [589.562] RDX: 0000000000000000 RSI: ffffffff953f0878 RDI: 00000000ffffffff\n [589.562] RBP: ffff8f030d7f2088 R08: 0000000000000000 R09: ffffa55a8c3b3c50\n [589.562] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8f05850b4c00\n [589.562] R13: ffff8f030d7f2090 R14: ffff8f05850b4cd8 R15: dead000000000100\n [589.563] FS: 00007f497fd2e840(0000) GS:ffff8f09dfc00000(0000) knlGS:0000000000000000\n [589.563] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [589.563] CR2: 00007f497ff8ec10 CR3: 0000000271472006 CR4: 0000000000370ee0\n [589.563] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [589.564] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n [589.564] Call Trace:\n [589.564] \u003cTASK\u003e\n [589.565] ? __die_body+0x1b/0x60\n [589.565] ? die+0x39/0x60\n [589.565] ? do_trap+0xeb/0x110\n [589.565] ? btrfs_free_block_groups+0x449/0x4a0 [btrfs]\n [589.566] ? do_error_trap+0x6a/0x90\n [589.566] ? btrfs_free_block_groups+0x449/0x4a0 [btrfs]\n [589.566] ? exc_invalid_op+0x4e/0x70\n [589.566] ? btrfs_free_block_groups+0x449/0x4a0 [btrfs]\n [589.567] ? asm_exc_invalid_op+0x16/0x20\n [589.567] ? btrfs_free_block_groups+0x449/0x4a0 [btrfs]\n [589.567] ? btrfs_free_block_groups+0x449/0x4a0 [btrfs]\n [589.567] close_ctree+0x35d/0x560 [btrfs]\n [589.568] ? fsnotify_sb_delete+0x13e/0x1d0\n [589.568] ? dispose_list+0x3a/0x50\n [589.568] ? evict_inodes+0x151/0x1a0\n [589.568] generic_shutdown_super+0x73/0x1a0\n [589.569] kill_anon_super+0x14/0x30\n [589.569] btrfs_kill_super+0x12/0x20 [btrfs]\n [589.569] deactivate_locked\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53187",
"url": "https://www.suse.com/security/cve/CVE-2023-53187"
},
{
"category": "external",
"summary": "SUSE Bug 1249815 for CVE-2023-53187",
"url": "https://bugzilla.suse.com/1249815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53187"
},
{
"cve": "CVE-2023-53189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53189"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6/addrconf: fix a potential refcount underflow for idev\n\nNow in addrconf_mod_rs_timer(), reference idev depends on whether\nrs_timer is not pending. Then modify rs_timer timeout.\n\nThere is a time gap in [1], during which if the pending rs_timer\nbecomes not pending. It will miss to hold idev, but the rs_timer\nis activated. Thus rs_timer callback function addrconf_rs_timer()\nwill be executed and put idev later without holding idev. A refcount\nunderflow issue for idev can be caused by this.\n\n\tif (!timer_pending(\u0026idev-\u003ers_timer))\n\t\tin6_dev_hold(idev);\n\t\t \u003c--------------[1]\n\tmod_timer(\u0026idev-\u003ers_timer, jiffies + when);\n\nTo fix the issue, hold idev if mod_timer() return 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53189",
"url": "https://www.suse.com/security/cve/CVE-2023-53189"
},
{
"category": "external",
"summary": "SUSE Bug 1249894 for CVE-2023-53189",
"url": "https://bugzilla.suse.com/1249894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53189"
},
{
"cve": "CVE-2023-53192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53192"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix nexthop hash size\n\nThe nexthop code expects a 31 bit hash, such as what is returned by\nfib_multipath_hash() and rt6_multipath_hash(). Passing the 32 bit hash\nreturned by skb_get_hash() can lead to problems related to the fact that\n\u0027int hash\u0027 is a negative number when the MSB is set.\n\nIn the case of hash threshold nexthop groups, nexthop_select_path_hthr()\nwill disproportionately select the first nexthop group entry. In the case\nof resilient nexthop groups, nexthop_select_path_res() may do an out of\nbounds access in nh_buckets[], for example:\n hash = -912054133\n num_nh_buckets = 2\n bucket_index = 65535\n\nwhich leads to the following panic:\n\nBUG: unable to handle page fault for address: ffffc900025910c8\nPGD 100000067 P4D 100000067 PUD 10026b067 PMD 0\nOops: 0002 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 4 PID: 856 Comm: kworker/4:3 Not tainted 6.5.0-rc2+ #34\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nWorkqueue: ipv6_addrconf addrconf_dad_work\nRIP: 0010:nexthop_select_path+0x197/0xbf0\nCode: c1 e4 05 be 08 00 00 00 4c 8b 35 a4 14 7e 01 4e 8d 6c 25 00 4a 8d 7c 25 08 48 01 dd e8 c2 25 15 ff 49 8d 7d 08 e8 39 13 15 ff \u003c4d\u003e 89 75 08 48 89 ef e8 7d 12 15 ff 48 8b 5d 00 e8 14 55 2f 00 85\nRSP: 0018:ffff88810c36f260 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 00000000002000c0 RCX: ffffffffaf02dd77\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffc900025910c8\nRBP: ffffc900025910c0 R08: 0000000000000001 R09: fffff520004b2219\nR10: ffffc900025910cf R11: 31392d2068736168 R12: 00000000002000c0\nR13: ffffc900025910c0 R14: 00000000fffef608 R15: ffff88811840e900\nFS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc900025910c8 CR3: 0000000129d00000 CR4: 0000000000750ee0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x1ee/0x5c0\n ? __pfx_is_prefetch.constprop.0+0x10/0x10\n ? __pfx_page_fault_oops+0x10/0x10\n ? search_bpf_extables+0xfe/0x1c0\n ? fixup_exception+0x3b/0x470\n ? exc_page_fault+0xf6/0x110\n ? asm_exc_page_fault+0x26/0x30\n ? nexthop_select_path+0x197/0xbf0\n ? nexthop_select_path+0x197/0xbf0\n ? lock_is_held_type+0xe7/0x140\n vxlan_xmit+0x5b2/0x2340\n ? __lock_acquire+0x92b/0x3370\n ? __pfx_vxlan_xmit+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n ? __pfx_register_lock_class+0x10/0x10\n ? skb_network_protocol+0xce/0x2d0\n ? dev_hard_start_xmit+0xca/0x350\n ? __pfx_vxlan_xmit+0x10/0x10\n dev_hard_start_xmit+0xca/0x350\n __dev_queue_xmit+0x513/0x1e20\n ? __pfx___dev_queue_xmit+0x10/0x10\n ? __pfx_lock_release+0x10/0x10\n ? mark_held_locks+0x44/0x90\n ? skb_push+0x4c/0x80\n ? eth_header+0x81/0xe0\n ? __pfx_eth_header+0x10/0x10\n ? neigh_resolve_output+0x215/0x310\n ? ip6_finish_output2+0x2ba/0xc90\n ip6_finish_output2+0x2ba/0xc90\n ? lock_release+0x236/0x3e0\n ? ip6_mtu+0xbb/0x240\n ? __pfx_ip6_finish_output2+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? lock_is_held_type+0xe7/0x140\n ip6_finish_output+0x1ee/0x780\n ip6_output+0x138/0x460\n ? __pfx_ip6_output+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n ? __pfx_ip6_finish_output+0x10/0x10\n NF_HOOK.constprop.0+0xc0/0x420\n ? __pfx_NF_HOOK.constprop.0+0x10/0x10\n ? ndisc_send_skb+0x2c0/0x960\n ? __pfx_lock_release+0x10/0x10\n ? __local_bh_enable_ip+0x93/0x110\n ? lock_is_held_type+0xe7/0x140\n ndisc_send_skb+0x4be/0x960\n ? __pfx_ndisc_send_skb+0x10/0x10\n ? mark_held_locks+0x65/0x90\n ? find_held_lock+0x83/0xa0\n ndisc_send_ns+0xb0/0x110\n ? __pfx_ndisc_send_ns+0x10/0x10\n addrconf_dad_work+0x631/0x8e0\n ? lock_acquire+0x180/0x3f0\n ? __pfx_addrconf_dad_work+0x10/0x10\n ? mark_held_locks+0x24/0x90\n process_one_work+0x582/0x9c0\n ? __pfx_process_one_work+0x10/0x10\n ? __pfx_do_raw_spin_lock+0x10/0x10\n ? mark_held_locks+0x24/0x90\n worker_thread+0x93/0x630\n ? __kthread_parkme+0xdc/0x100\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x1a5/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53192",
"url": "https://www.suse.com/security/cve/CVE-2023-53192"
},
{
"category": "external",
"summary": "SUSE Bug 1249897 for CVE-2023-53192",
"url": "https://bugzilla.suse.com/1249897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53192"
},
{
"cve": "CVE-2023-53195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53195"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init\n\nThe line cards array is not freed in the error path of\nmlxsw_m_linecards_init(), which can lead to a memory leak. Fix by\nfreeing the array in the error path, thereby making the error path\nidentical to mlxsw_m_linecards_fini().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53195",
"url": "https://www.suse.com/security/cve/CVE-2023-53195"
},
{
"category": "external",
"summary": "SUSE Bug 1249761 for CVE-2023-53195",
"url": "https://bugzilla.suse.com/1249761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53195"
},
{
"cve": "CVE-2023-53196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53196"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: qcom: Fix potential memory leak\n\nFunction dwc3_qcom_probe() allocates memory for resource structure\nwhich is pointed by parent_res pointer. This memory is not\nfreed. This leads to memory leak. Use stack memory to prevent\nmemory leak.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53196",
"url": "https://www.suse.com/security/cve/CVE-2023-53196"
},
{
"category": "external",
"summary": "SUSE Bug 1249758 for CVE-2023-53196",
"url": "https://bugzilla.suse.com/1249758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53196"
},
{
"cve": "CVE-2023-53201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: wraparound mbox producer index\n\nDriver is not handling the wraparound of the mbox producer index correctly.\nCurrently the wraparound happens once u32 max is reached.\n\nBit 31 of the producer index register is special and should be set\nonly once for the first command. Because the producer index overflow\nsetting bit31 after a long time, FW goes to initialization sequence\nand this causes FW hang.\n\nFix is to wraparound the mbox producer index once it reaches u16 max.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53201",
"url": "https://www.suse.com/security/cve/CVE-2023-53201"
},
{
"category": "external",
"summary": "SUSE Bug 1249687 for CVE-2023-53201",
"url": "https://bugzilla.suse.com/1249687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53201"
},
{
"cve": "CVE-2023-53204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix data-races around user-\u003eunix_inflight.\n\nuser-\u003eunix_inflight is changed under spin_lock(unix_gc_lock),\nbut too_many_unix_fds() reads it locklessly.\n\nLet\u0027s annotate the write/read accesses to user-\u003eunix_inflight.\n\nBUG: KCSAN: data-race in unix_attach_fds / unix_inflight\n\nwrite to 0xffffffff8546f2d0 of 8 bytes by task 44798 on cpu 1:\n unix_inflight+0x157/0x180 net/unix/scm.c:66\n unix_attach_fds+0x147/0x1e0 net/unix/scm.c:123\n unix_scm_to_skb net/unix/af_unix.c:1827 [inline]\n unix_dgram_sendmsg+0x46a/0x14f0 net/unix/af_unix.c:1950\n unix_seqpacket_sendmsg net/unix/af_unix.c:2308 [inline]\n unix_seqpacket_sendmsg+0xba/0x130 net/unix/af_unix.c:2292\n sock_sendmsg_nosec net/socket.c:725 [inline]\n sock_sendmsg+0x148/0x160 net/socket.c:748\n ____sys_sendmsg+0x4e4/0x610 net/socket.c:2494\n ___sys_sendmsg+0xc6/0x140 net/socket.c:2548\n __sys_sendmsg+0x94/0x140 net/socket.c:2577\n __do_sys_sendmsg net/socket.c:2586 [inline]\n __se_sys_sendmsg net/socket.c:2584 [inline]\n __x64_sys_sendmsg+0x45/0x50 net/socket.c:2584\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nread to 0xffffffff8546f2d0 of 8 bytes by task 44814 on cpu 0:\n too_many_unix_fds net/unix/scm.c:101 [inline]\n unix_attach_fds+0x54/0x1e0 net/unix/scm.c:110\n unix_scm_to_skb net/unix/af_unix.c:1827 [inline]\n unix_dgram_sendmsg+0x46a/0x14f0 net/unix/af_unix.c:1950\n unix_seqpacket_sendmsg net/unix/af_unix.c:2308 [inline]\n unix_seqpacket_sendmsg+0xba/0x130 net/unix/af_unix.c:2292\n sock_sendmsg_nosec net/socket.c:725 [inline]\n sock_sendmsg+0x148/0x160 net/socket.c:748\n ____sys_sendmsg+0x4e4/0x610 net/socket.c:2494\n ___sys_sendmsg+0xc6/0x140 net/socket.c:2548\n __sys_sendmsg+0x94/0x140 net/socket.c:2577\n __do_sys_sendmsg net/socket.c:2586 [inline]\n __se_sys_sendmsg net/socket.c:2584 [inline]\n __x64_sys_sendmsg+0x45/0x50 net/socket.c:2584\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nvalue changed: 0x000000000000000c -\u003e 0x000000000000000d\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 PID: 44814 Comm: systemd-coredum Not tainted 6.4.0-11989-g6843306689af #6\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53204",
"url": "https://www.suse.com/security/cve/CVE-2023-53204"
},
{
"category": "external",
"summary": "SUSE Bug 1249682 for CVE-2023-53204",
"url": "https://bugzilla.suse.com/1249682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53204"
},
{
"cve": "CVE-2023-53205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390/diag: fix racy access of physical cpu number in diag 9c handler\n\nWe do check for target CPU == -1, but this might change at the time we\nare going to use it. Hold the physical target CPU in a local variable to\navoid out-of-bound accesses to the cpu arrays.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53205",
"url": "https://www.suse.com/security/cve/CVE-2023-53205"
},
{
"category": "external",
"summary": "SUSE Bug 1249677 for CVE-2023-53205",
"url": "https://bugzilla.suse.com/1249677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53205"
},
{
"cve": "CVE-2023-53206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (pmbus_core) Fix NULL pointer dereference\n\nPass i2c_client to _pmbus_is_enabled to drop the assumption\nthat a regulator device is passed in.\n\nThis will fix the issue of a NULL pointer dereference when called from\n_pmbus_get_flags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53206",
"url": "https://www.suse.com/security/cve/CVE-2023-53206"
},
{
"category": "external",
"summary": "SUSE Bug 1249679 for CVE-2023-53206",
"url": "https://bugzilla.suse.com/1249679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53206"
},
{
"cve": "CVE-2023-53207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53207"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nublk: fail to recover device if queue setup is interrupted\n\nIn ublk_ctrl_end_recovery(), if wait_for_completion_interruptible() is\ninterrupted by signal, queues aren\u0027t setup successfully yet, so we\nhave to fail UBLK_CMD_END_USER_RECOVERY, otherwise kernel oops can be\ntriggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53207",
"url": "https://www.suse.com/security/cve/CVE-2023-53207"
},
{
"category": "external",
"summary": "SUSE Bug 1249678 for CVE-2023-53207",
"url": "https://bugzilla.suse.com/1249678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53207"
},
{
"cve": "CVE-2023-53208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Load L1\u0027s TSC multiplier based on L1 state, not L2 state\n\nWhen emulating nested VM-Exit, load L1\u0027s TSC multiplier if L1\u0027s desired\nratio doesn\u0027t match the current ratio, not if the ratio L1 is using for\nL2 diverges from the default. Functionally, the end result is the same\nas KVM will run L2 with L1\u0027s multiplier if L2\u0027s multiplier is the default,\ni.e. checking that L1\u0027s multiplier is loaded is equivalent to checking if\nL2 has a non-default multiplier.\n\nHowever, the assertion that TSC scaling is exposed to L1 is flawed, as\nuserspace can trigger the WARN at will by writing the MSR and then\nupdating guest CPUID to hide the feature (modifying guest CPUID is\nallowed anytime before KVM_RUN). E.g. hacking KVM\u0027s state_test\nselftest to do\n\n vcpu_set_msr(vcpu, MSR_AMD64_TSC_RATIO, 0);\n vcpu_clear_cpuid_feature(vcpu, X86_FEATURE_TSCRATEMSR);\n\nafter restoring state in a new VM+vCPU yields an endless supply of:\n\n ------------[ cut here ]------------\n WARNING: CPU: 10 PID: 206939 at arch/x86/kvm/svm/nested.c:1105\n nested_svm_vmexit+0x6af/0x720 [kvm_amd]\n Call Trace:\n nested_svm_exit_handled+0x102/0x1f0 [kvm_amd]\n svm_handle_exit+0xb9/0x180 [kvm_amd]\n kvm_arch_vcpu_ioctl_run+0x1eab/0x2570 [kvm]\n kvm_vcpu_ioctl+0x4c9/0x5b0 [kvm]\n ? trace_hardirqs_off+0x4d/0xa0\n __se_sys_ioctl+0x7a/0xc0\n __x64_sys_ioctl+0x21/0x30\n do_syscall_64+0x41/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUnlike the nested VMRUN path, hoisting the svm-\u003etsc_scaling_enabled check\ninto the if-statement is wrong as KVM needs to ensure L1\u0027s multiplier is\nloaded in the above scenario. Alternatively, the WARN_ON() could simply\nbe deleted, but that would make KVM\u0027s behavior even more subtle, e.g. it\u0027s\nnot immediately obvious why it\u0027s safe to write MSR_AMD64_TSC_RATIO when\nchecking only tsc_ratio_msr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53208",
"url": "https://www.suse.com/security/cve/CVE-2023-53208"
},
{
"category": "external",
"summary": "SUSE Bug 1249698 for CVE-2023-53208",
"url": "https://bugzilla.suse.com/1249698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53208"
},
{
"cve": "CVE-2023-53209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211_hwsim: Fix possible NULL dereference\n\nIn a call to mac80211_hwsim_select_tx_link() the sta pointer might\nbe NULL, thus need to check that it is not NULL before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53209",
"url": "https://www.suse.com/security/cve/CVE-2023-53209"
},
{
"category": "external",
"summary": "SUSE Bug 1249856 for CVE-2023-53209",
"url": "https://bugzilla.suse.com/1249856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53209"
},
{
"cve": "CVE-2023-53210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53210"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid()\n\nr5l_flush_stripe_to_raid() will check if the list \u0027flushing_ios\u0027 is\nempty, and then submit \u0027flush_bio\u0027, however, r5l_log_flush_endio()\nis clearing the list first and then clear the bio, which will cause\nnull-ptr-deref:\n\nT1: submit flush io\nraid5d\n handle_active_stripes\n r5l_flush_stripe_to_raid\n // list is empty\n // add \u0027io_end_ios\u0027 to the list\n bio_init\n submit_bio\n // io1\n\nT2: io1 is done\nr5l_log_flush_endio\n list_splice_tail_init\n // clear the list\n\t\t\tT3: submit new flush io\n\t\t\t...\n\t\t\tr5l_flush_stripe_to_raid\n\t\t\t // list is empty\n\t\t\t // add \u0027io_end_ios\u0027 to the list\n\t\t\t bio_init\n bio_uninit\n // clear bio-\u003ebi_blkg\n\t\t\t submit_bio\n\t\t\t // null-ptr-deref\n\nFix this problem by clearing bio before clearing the list in\nr5l_log_flush_endio().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53210",
"url": "https://www.suse.com/security/cve/CVE-2023-53210"
},
{
"category": "external",
"summary": "SUSE Bug 1249673 for CVE-2023-53210",
"url": "https://bugzilla.suse.com/1249673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53210"
},
{
"cve": "CVE-2023-53215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Don\u0027t balance task to its current running CPU\n\nWe\u0027ve run into the case that the balancer tries to balance a migration\ndisabled task and trigger the warning in set_task_cpu() like below:\n\n ------------[ cut here ]------------\n WARNING: CPU: 7 PID: 0 at kernel/sched/core.c:3115 set_task_cpu+0x188/0x240\n Modules linked in: hclgevf xt_CHECKSUM ipt_REJECT nf_reject_ipv4 \u003c...snip\u003e\n CPU: 7 PID: 0 Comm: swapper/7 Kdump: loaded Tainted: G O 6.1.0-rc4+ #1\n Hardware name: Huawei TaiShan 2280 V2/BC82AMDC, BIOS 2280-V2 CS V5.B221.01 12/09/2021\n pstate: 604000c9 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : set_task_cpu+0x188/0x240\n lr : load_balance+0x5d0/0xc60\n sp : ffff80000803bc70\n x29: ffff80000803bc70 x28: ffff004089e190e8 x27: ffff004089e19040\n x26: ffff007effcabc38 x25: 0000000000000000 x24: 0000000000000001\n x23: ffff80000803be84 x22: 000000000000000c x21: ffffb093e79e2a78\n x20: 000000000000000c x19: ffff004089e19040 x18: 0000000000000000\n x17: 0000000000001fad x16: 0000000000000030 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000001 x10: 0000000000000400 x9 : ffffb093e4cee530\n x8 : 00000000fffffffe x7 : 0000000000ce168a x6 : 000000000000013e\n x5 : 00000000ffffffe1 x4 : 0000000000000001 x3 : 0000000000000b2a\n x2 : 0000000000000b2a x1 : ffffb093e6d6c510 x0 : 0000000000000001\n Call trace:\n set_task_cpu+0x188/0x240\n load_balance+0x5d0/0xc60\n rebalance_domains+0x26c/0x380\n _nohz_idle_balance.isra.0+0x1e0/0x370\n run_rebalance_domains+0x6c/0x80\n __do_softirq+0x128/0x3d8\n ____do_softirq+0x18/0x24\n call_on_irq_stack+0x2c/0x38\n do_softirq_own_stack+0x24/0x3c\n __irq_exit_rcu+0xcc/0xf4\n irq_exit_rcu+0x18/0x24\n el1_interrupt+0x4c/0xe4\n el1h_64_irq_handler+0x18/0x2c\n el1h_64_irq+0x74/0x78\n arch_cpu_idle+0x18/0x4c\n default_idle_call+0x58/0x194\n do_idle+0x244/0x2b0\n cpu_startup_entry+0x30/0x3c\n secondary_start_kernel+0x14c/0x190\n __secondary_switched+0xb0/0xb4\n ---[ end trace 0000000000000000 ]---\n\nFurther investigation shows that the warning is superfluous, the migration\ndisabled task is just going to be migrated to its current running CPU.\nThis is because that on load balance if the dst_cpu is not allowed by the\ntask, we\u0027ll re-select a new_dst_cpu as a candidate. If no task can be\nbalanced to dst_cpu we\u0027ll try to balance the task to the new_dst_cpu\ninstead. In this case when the migration disabled task is not on CPU it\nonly allows to run on its current CPU, load balance will select its\ncurrent CPU as new_dst_cpu and later triggers the warning above.\n\nThe new_dst_cpu is chosen from the env-\u003edst_grpmask. Currently it\ncontains CPUs in sched_group_span() and if we have overlapped groups it\u0027s\npossible to run into this case. This patch makes env-\u003edst_grpmask of\ngroup_balance_mask() which exclude any CPUs from the busiest group and\nsolve the issue. For balancing in a domain with no overlapped groups\nthe behaviour keeps same as before.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53215",
"url": "https://www.suse.com/security/cve/CVE-2023-53215"
},
{
"category": "external",
"summary": "SUSE Bug 1250397 for CVE-2023-53215",
"url": "https://bugzilla.suse.com/1250397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53215"
},
{
"cve": "CVE-2023-53217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnubus: Partially revert proc_create_single_data() conversion\n\nThe conversion to proc_create_single_data() introduced a regression\nwhereby reading a file in /proc/bus/nubus results in a seg fault:\n\n # grep -r . /proc/bus/nubus/e/\n Data read fault at 0x00000020 in Super Data (pc=0x1074c2)\n BAD KERNEL BUSERR\n Oops: 00000000\n Modules linked in:\n PC: [\u003c001074c2\u003e] PDE_DATA+0xc/0x16\n SR: 2010 SP: 38284958 a2: 01152370\n d0: 00000001 d1: 01013000 d2: 01002790 d3: 00000000\n d4: 00000001 d5: 0008ce2e a0: 00000000 a1: 00222a40\n Process grep (pid: 45, task=142f8727)\n Frame format=B ssw=074d isc=2008 isb=4e5e daddr=00000020 dobuf=01199e70\n baddr=001074c8 dibuf=ffffffff ver=f\n Stack from 01199e48:\n\t 01199e70 00222a58 01002790 00000000 011a3000 01199eb0 015000c0 00000000\n\t 00000000 01199ec0 01199ec0 000d551a 011a3000 00000001 00000000 00018000\n\t d003f000 00000003 00000001 0002800d 01052840 01199fa8 c01f8000 00000000\n\t 00000029 0b532b80 00000000 00000000 00000029 0b532b80 01199ee4 00103640\n\t 011198c0 d003f000 00018000 01199fa8 00000000 011198c0 00000000 01199f4c\n\t 000b3344 011198c0 d003f000 00018000 01199fa8 00000000 00018000 011198c0\n Call Trace: [\u003c00222a58\u003e] nubus_proc_rsrc_show+0x18/0xa0\n [\u003c000d551a\u003e] seq_read+0xc4/0x510\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c0002800d\u003e] __sys_setreuid+0x115/0x1c6\n [\u003c00103640\u003e] proc_reg_read+0x5c/0xb0\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c000b3344\u003e] __vfs_read+0x2c/0x13c\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c000b8aa2\u003e] sys_statx+0x60/0x7e\n [\u003c000b34b6\u003e] vfs_read+0x62/0x12a\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c000b39c2\u003e] ksys_read+0x48/0xbe\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c000b3a4e\u003e] sys_read+0x16/0x1a\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c00002b84\u003e] syscall+0x8/0xc\n [\u003c00018000\u003e] fp_fcos+0x2/0x82\n [\u003c0000c016\u003e] not_ext+0xa/0x18\n Code: 4e5e 4e75 4e56 0000 206e 0008 2068 ffe8 \u003c2068\u003e 0020 2008 4e5e 4e75 4e56 0000 2f0b 206e 0008 2068 0004 2668 0020 206b ffe8\n Disabling lock debugging due to kernel taint\n\n Segmentation fault\n\nThe proc_create_single_data() conversion does not work because\nsingle_open(file, nubus_proc_rsrc_show, PDE_DATA(inode)) is not\nequivalent to the original code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53217",
"url": "https://www.suse.com/security/cve/CVE-2023-53217"
},
{
"category": "external",
"summary": "SUSE Bug 1249672 for CVE-2023-53217",
"url": "https://bugzilla.suse.com/1249672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53217"
},
{
"cve": "CVE-2023-53220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53220"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: az6007: Fix null-ptr-deref in az6007_i2c_xfer()\n\nIn az6007_i2c_xfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach az6007_i2c_xfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 0ed554fd769a\n(\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53220",
"url": "https://www.suse.com/security/cve/CVE-2023-53220"
},
{
"category": "external",
"summary": "SUSE Bug 1250337 for CVE-2023-53220",
"url": "https://bugzilla.suse.com/1250337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53220"
},
{
"cve": "CVE-2023-53221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53221"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix memleak due to fentry attach failure\n\nIf it fails to attach fentry, the allocated bpf trampoline image will be\nleft in the system. That can be verified by checking /proc/kallsyms.\n\nThis meamleak can be verified by a simple bpf program as follows:\n\n SEC(\"fentry/trap_init\")\n int fentry_run()\n {\n return 0;\n }\n\nIt will fail to attach trap_init because this function is freed after\nkernel init, and then we can find the trampoline image is left in the\nsystem by checking /proc/kallsyms.\n\n $ tail /proc/kallsyms\n ffffffffc0613000 t bpf_trampoline_6442453466_1 [bpf]\n ffffffffc06c3000 t bpf_trampoline_6442453466_1 [bpf]\n\n $ bpftool btf dump file /sys/kernel/btf/vmlinux | grep \"FUNC \u0027trap_init\u0027\"\n [2522] FUNC \u0027trap_init\u0027 type_id=119 linkage=static\n\n $ echo $((6442453466 \u0026 0x7fffffff))\n 2522\n\nNote that there are two left bpf trampoline images, that is because the\nlibbpf will fallback to raw tracepoint if -EINVAL is returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53221",
"url": "https://www.suse.com/security/cve/CVE-2023-53221"
},
{
"category": "external",
"summary": "SUSE Bug 1249662 for CVE-2023-53221",
"url": "https://bugzilla.suse.com/1249662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53221"
},
{
"cve": "CVE-2023-53222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53222"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: jfs_dmap: Validate db_l2nbperpage while mounting\n\nIn jfs_dmap.c at line 381, BLKTODMAP is used to get a logical block\nnumber inside dbFree(). db_l2nbperpage, which is the log2 number of\nblocks per page, is passed as an argument to BLKTODMAP which uses it\nfor shifting.\n\nSyzbot reported a shift out-of-bounds crash because db_l2nbperpage is\ntoo big. This happens because the large value is set without any\nvalidation in dbMount() at line 181.\n\nThus, make sure that db_l2nbperpage is correct while mounting.\n\nMax number of blocks per page = Page size / Min block size\n=\u003e log2(Max num_block per page) = log2(Page size / Min block size)\n\t\t\t\t= log2(Page size) - log2(Min block size)\n\n=\u003e Max db_l2nbperpage = L2PSIZE - L2MINBLOCKSIZE",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53222",
"url": "https://www.suse.com/security/cve/CVE-2023-53222"
},
{
"category": "external",
"summary": "SUSE Bug 1249864 for CVE-2023-53222",
"url": "https://bugzilla.suse.com/1249864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53222"
},
{
"cve": "CVE-2023-53226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix OOB and integer underflow when rx packets\n\nMake sure mwifiex_process_mgmt_packet,\nmwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet,\nmwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet\nnot out-of-bounds access the skb-\u003edata buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53226",
"url": "https://www.suse.com/security/cve/CVE-2023-53226"
},
{
"category": "external",
"summary": "SUSE Bug 1249658 for CVE-2023-53226",
"url": "https://bugzilla.suse.com/1249658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53226"
},
{
"cve": "CVE-2023-53230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53230"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix warning in cifs_smb3_do_mount()\n\nThis fixes the following warning reported by kernel test robot\n\n fs/smb/client/cifsfs.c:982 cifs_smb3_do_mount() warn: possible\n memory leak of \u0027cifs_sb\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53230",
"url": "https://www.suse.com/security/cve/CVE-2023-53230"
},
{
"category": "external",
"summary": "SUSE Bug 1249866 for CVE-2023-53230",
"url": "https://bugzilla.suse.com/1249866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53230"
},
{
"cve": "CVE-2023-53231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: Fix detection of atomic context\n\nCurrent check for atomic context is not sufficient as\nz_erofs_decompressqueue_endio can be called under rcu lock\nfrom blk_mq_flush_plug_list(). See the stacktrace [1]\n\nIn such case we should hand off the decompression work for async\nprocessing rather than trying to do sync decompression in current\ncontext. Patch fixes the detection by checking for\nrcu_read_lock_any_held() and while at it use more appropriate\n!in_task() check than in_atomic().\n\nBackground: Historically erofs would always schedule a kworker for\ndecompression which would incur the scheduling cost regardless of\nthe context. But z_erofs_decompressqueue_endio() may not always\nbe in atomic context and we could actually benefit from doing the\ndecompression in z_erofs_decompressqueue_endio() if we are in\nthread context, for example when running with dm-verity.\nThis optimization was later added in patch [2] which has shown\nimprovement in performance benchmarks.\n\n==============================================\n[1] Problem stacktrace\n[name:core\u0026]BUG: sleeping function called from invalid context at kernel/locking/mutex.c:291\n[name:core\u0026]in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 1615, name: CpuMonitorServi\n[name:core\u0026]preempt_count: 0, expected: 0\n[name:core\u0026]RCU nest depth: 1, expected: 0\nCPU: 7 PID: 1615 Comm: CpuMonitorServi Tainted: G S W OE 6.1.25-android14-5-maybe-dirty-mainline #1\nHardware name: MT6897 (DT)\nCall trace:\n dump_backtrace+0x108/0x15c\n show_stack+0x20/0x30\n dump_stack_lvl+0x6c/0x8c\n dump_stack+0x20/0x48\n __might_resched+0x1fc/0x308\n __might_sleep+0x50/0x88\n mutex_lock+0x2c/0x110\n z_erofs_decompress_queue+0x11c/0xc10\n z_erofs_decompress_kickoff+0x110/0x1a4\n z_erofs_decompressqueue_endio+0x154/0x180\n bio_endio+0x1b0/0x1d8\n __dm_io_complete+0x22c/0x280\n clone_endio+0xe4/0x280\n bio_endio+0x1b0/0x1d8\n blk_update_request+0x138/0x3a4\n blk_mq_plug_issue_direct+0xd4/0x19c\n blk_mq_flush_plug_list+0x2b0/0x354\n __blk_flush_plug+0x110/0x160\n blk_finish_plug+0x30/0x4c\n read_pages+0x2fc/0x370\n page_cache_ra_unbounded+0xa4/0x23c\n page_cache_ra_order+0x290/0x320\n do_sync_mmap_readahead+0x108/0x2c0\n filemap_fault+0x19c/0x52c\n __do_fault+0xc4/0x114\n handle_mm_fault+0x5b4/0x1168\n do_page_fault+0x338/0x4b4\n do_translation_fault+0x40/0x60\n do_mem_abort+0x60/0xc8\n el0_da+0x4c/0xe0\n el0t_64_sync_handler+0xd4/0xfc\n el0t_64_sync+0x1a0/0x1a4\n\n[2] Link: https://lore.kernel.org/all/20210317035448.13921-1-huangjianan@oppo.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53231",
"url": "https://www.suse.com/security/cve/CVE-2023-53231"
},
{
"category": "external",
"summary": "SUSE Bug 1249787 for CVE-2023-53231",
"url": "https://bugzilla.suse.com/1249787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53231"
},
{
"cve": "CVE-2023-53235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53235"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tests: helpers: Avoid a driver uaf\n\nwhen using __drm_kunit_helper_alloc_drm_device() the driver may be\ndereferenced by device-managed resources up until the device is\nfreed, which is typically later than the kunit-managed resource code\nfrees it. Fix this by simply make the driver device-managed as well.\n\nIn short, the sequence leading to the UAF is as follows:\n\nINIT:\nCode allocates a struct device as a kunit-managed resource.\nCode allocates a drm driver as a kunit-managed resource.\nCode allocates a drm device as a device-managed resource.\n\nEXIT:\nKunit resource cleanup frees the drm driver\nKunit resource cleanup puts the struct device, which starts a\n device-managed resource cleanup\ndevice-managed cleanup calls drm_dev_put()\ndrm_dev_put() dereferences the (now freed) drm driver -\u003e Boom.\n\nRelated KASAN message:\n[55272.551542] ==================================================================\n[55272.551551] BUG: KASAN: slab-use-after-free in drm_dev_put.part.0+0xd4/0xe0 [drm]\n[55272.551603] Read of size 8 at addr ffff888127502828 by task kunit_try_catch/10353\n\n[55272.551612] CPU: 4 PID: 10353 Comm: kunit_try_catch Tainted: G U N 6.5.0-rc7+ #155\n[55272.551620] Hardware name: ASUS System Product Name/PRIME B560M-A AC, BIOS 0403 01/26/2021\n[55272.551626] Call Trace:\n[55272.551629] \u003cTASK\u003e\n[55272.551633] dump_stack_lvl+0x57/0x90\n[55272.551639] print_report+0xcf/0x630\n[55272.551645] ? _raw_spin_lock_irqsave+0x5f/0x70\n[55272.551652] ? drm_dev_put.part.0+0xd4/0xe0 [drm]\n[55272.551694] kasan_report+0xd7/0x110\n[55272.551699] ? drm_dev_put.part.0+0xd4/0xe0 [drm]\n[55272.551742] drm_dev_put.part.0+0xd4/0xe0 [drm]\n[55272.551783] devres_release_all+0x15d/0x1f0\n[55272.551790] ? __pfx_devres_release_all+0x10/0x10\n[55272.551797] device_unbind_cleanup+0x16/0x1a0\n[55272.551802] device_release_driver_internal+0x3e5/0x540\n[55272.551808] ? kobject_put+0x5d/0x4b0\n[55272.551814] bus_remove_device+0x1f1/0x3f0\n[55272.551819] device_del+0x342/0x910\n[55272.551826] ? __pfx_device_del+0x10/0x10\n[55272.551830] ? lock_release+0x339/0x5e0\n[55272.551836] ? kunit_remove_resource+0x128/0x290 [kunit]\n[55272.551845] ? __pfx_lock_release+0x10/0x10\n[55272.551851] platform_device_del.part.0+0x1f/0x1e0\n[55272.551856] ? _raw_spin_unlock_irqrestore+0x30/0x60\n[55272.551863] kunit_remove_resource+0x195/0x290 [kunit]\n[55272.551871] ? _raw_spin_unlock_irqrestore+0x30/0x60\n[55272.551877] kunit_cleanup+0x78/0x120 [kunit]\n[55272.551885] ? __kthread_parkme+0xc1/0x1f0\n[55272.551891] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [kunit]\n[55272.551900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [kunit]\n[55272.551909] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]\n[55272.551919] kthread+0x2e7/0x3c0\n[55272.551924] ? __pfx_kthread+0x10/0x10\n[55272.551929] ret_from_fork+0x2d/0x70\n[55272.551935] ? __pfx_kthread+0x10/0x10\n[55272.551940] ret_from_fork_asm+0x1b/0x30\n[55272.551948] \u003c/TASK\u003e\n\n[55272.551953] Allocated by task 10351:\n[55272.551956] kasan_save_stack+0x1c/0x40\n[55272.551962] kasan_set_track+0x21/0x30\n[55272.551966] __kasan_kmalloc+0x8b/0x90\n[55272.551970] __kmalloc+0x5e/0x160\n[55272.551976] kunit_kmalloc_array+0x1c/0x50 [kunit]\n[55272.551984] drm_exec_test_init+0xfa/0x2c0 [drm_exec_test]\n[55272.551991] kunit_try_run_case+0xdd/0x250 [kunit]\n[55272.551999] kunit_generic_run_threadfn_adapter+0x4a/0x90 [kunit]\n[55272.552008] kthread+0x2e7/0x3c0\n[55272.552012] ret_from_fork+0x2d/0x70\n[55272.552017] ret_from_fork_asm+0x1b/0x30\n\n[55272.552024] Freed by task 10353:\n[55272.552027] kasan_save_stack+0x1c/0x40\n[55272.552032] kasan_set_track+0x21/0x30\n[55272.552036] kasan_save_free_info+0x27/0x40\n[55272.552041] __kasan_slab_free+0x106/0x180\n[55272.552046] slab_free_freelist_hook+0xb3/0x160\n[55272.552051] __kmem_cache_free+0xb2/0x290\n[55272.552056] kunit_remove_resource+0x195/0x290 [kunit]\n[55272.552064] kunit_cleanup+0x7\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53235",
"url": "https://www.suse.com/security/cve/CVE-2023-53235"
},
{
"category": "external",
"summary": "SUSE Bug 1249785 for CVE-2023-53235",
"url": "https://bugzilla.suse.com/1249785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53235"
},
{
"cve": "CVE-2023-53238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()\n\nThe size of array \u0027priv-\u003eports[]\u0027 is INNO_PHY_PORT_NUM.\n\nIn the for loop, \u0027i\u0027 is used as the index for array \u0027priv-\u003eports[]\u0027\nwith a check (i \u003e INNO_PHY_PORT_NUM) which indicates that\nINNO_PHY_PORT_NUM is allowed value for \u0027i\u0027 in the same loop.\n\nThis \u003e comparison needs to be changed to \u003e=, otherwise it potentially leads\nto an out of bounds write on the next iteration through the loop",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53238",
"url": "https://www.suse.com/security/cve/CVE-2023-53238"
},
{
"category": "external",
"summary": "SUSE Bug 1249707 for CVE-2023-53238",
"url": "https://bugzilla.suse.com/1249707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53238"
},
{
"cve": "CVE-2023-53243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53243"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile\n\nCallers of `btrfs_reduce_alloc_profile` expect it to return exactly\none allocation profile flag, and failing to do so may ultimately\nresult in a WARN_ON and remount-ro when allocating new blocks, like\nthe below transaction abort on 6.1.\n\n`btrfs_reduce_alloc_profile` has two ways of determining the profile,\nfirst it checks if a conversion balance is currently running and\nuses the profile we\u0027re converting to. If no balance is currently\nrunning, it returns the max-redundancy profile which at least one\nblock in the selected block group has.\n\nThis works by simply checking each known allocation profile bit in\nredundancy order. However, `btrfs_reduce_alloc_profile` has not been\nupdated as new flags have been added - first with the `DUP` profile\nand later with the RAID1C34 profiles.\n\nBecause of the way it checks, if we have blocks with different\nprofiles and at least one is known, that profile will be selected.\nHowever, if none are known we may return a flag set with multiple\nallocation profiles set.\n\nThis is currently only possible when a balance from one of the three\nunhandled profiles to another of the unhandled profiles is canceled\nafter allocating at least one block using the new profile.\n\nIn that case, a transaction abort like the below will occur and the\nfilesystem will need to be mounted with -o skip_balance to get it\nmounted rw again (but the balance cannot be resumed without a\nsimilar abort).\n\n [770.648] ------------[ cut here ]------------\n [770.648] BTRFS: Transaction aborted (error -22)\n [770.648] WARNING: CPU: 43 PID: 1159593 at fs/btrfs/extent-tree.c:4122 find_free_extent+0x1d94/0x1e00 [btrfs]\n [770.648] CPU: 43 PID: 1159593 Comm: btrfs Tainted: G W 6.1.0-0.deb11.7-powerpc64le #1 Debian 6.1.20-2~bpo11+1a~test\n [770.648] Hardware name: T2P9D01 REV 1.00 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n [770.648] NIP: c00800000f6784fc LR: c00800000f6784f8 CTR: c000000000d746c0\n [770.648] REGS: c000200089afe9a0 TRAP: 0700 Tainted: G W (6.1.0-0.deb11.7-powerpc64le Debian 6.1.20-2~bpo11+1a~test)\n [770.648] MSR: 9000000002029033 \u003cSF,HV,VEC,EE,ME,IR,DR,RI,LE\u003e CR: 28848282 XER: 20040000\n [770.648] CFAR: c000000000135110 IRQMASK: 0\n\t GPR00: c00800000f6784f8 c000200089afec40 c00800000f7ea800 0000000000000026\n\t GPR04: 00000001004820c2 c000200089afea00 c000200089afe9f8 0000000000000027\n\t GPR08: c000200ffbfe7f98 c000000002127f90 ffffffffffffffd8 0000000026d6a6e8\n\t GPR12: 0000000028848282 c000200fff7f3800 5deadbeef0000122 c00000002269d000\n\t GPR16: c0002008c7797c40 c000200089afef17 0000000000000000 0000000000000000\n\t GPR20: 0000000000000000 0000000000000001 c000200008bc5a98 0000000000000001\n\t GPR24: 0000000000000000 c0000003c73088d0 c000200089afef17 c000000016d3a800\n\t GPR28: c0000003c7308800 c00000002269d000 ffffffffffffffea 0000000000000001\n [770.648] NIP [c00800000f6784fc] find_free_extent+0x1d94/0x1e00 [btrfs]\n [770.648] LR [c00800000f6784f8] find_free_extent+0x1d90/0x1e00 [btrfs]\n [770.648] Call Trace:\n [770.648] [c000200089afec40] [c00800000f6784f8] find_free_extent+0x1d90/0x1e00 [btrfs] (unreliable)\n [770.648] [c000200089afed30] [c00800000f681398] btrfs_reserve_extent+0x1a0/0x2f0 [btrfs]\n [770.648] [c000200089afeea0] [c00800000f681bf0] btrfs_alloc_tree_block+0x108/0x670 [btrfs]\n [770.648] [c000200089afeff0] [c00800000f66bd68] __btrfs_cow_block+0x170/0x850 [btrfs]\n [770.648] [c000200089aff100] [c00800000f66c58c] btrfs_cow_block+0x144/0x288 [btrfs]\n [770.648] [c000200089aff1b0] [c00800000f67113c] btrfs_search_slot+0x6b4/0xcb0 [btrfs]\n [770.648] [c000200089aff2a0] [c00800000f679f60] lookup_inline_extent_backref+0x128/0x7c0 [btrfs]\n [770.648] [c000200089aff3b0] [c00800000f67b338] lookup_extent_backref+0x70/0x190 [btrfs]\n [770.648] [c000200089aff470] [c00800000f67b54c] __btrfs_free_extent+0xf4/0x1490 [btrfs]\n [770.648] [\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53243",
"url": "https://www.suse.com/security/cve/CVE-2023-53243"
},
{
"category": "external",
"summary": "SUSE Bug 1249640 for CVE-2023-53243",
"url": "https://bugzilla.suse.com/1249640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53243"
},
{
"cve": "CVE-2023-53245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Fix handling of virtual Fibre Channel timeouts\n\nHyper-V provides the ability to connect Fibre Channel LUNs to the host\nsystem and present them in a guest VM as a SCSI device. I/O to the vFC\ndevice is handled by the storvsc driver. The storvsc driver includes a\npartial integration with the FC transport implemented in the generic\nportion of the Linux SCSI subsystem so that FC attributes can be displayed\nin /sys. However, the partial integration means that some aspects of vFC\ndon\u0027t work properly. Unfortunately, a full and correct integration isn\u0027t\npractical because of limitations in what Hyper-V provides to the guest.\n\nIn particular, in the context of Hyper-V storvsc, the FC transport timeout\nfunction fc_eh_timed_out() causes a kernel panic because it can\u0027t find the\nrport and dereferences a NULL pointer. The original patch that added the\ncall from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this\nregard.\n\nIn many cases a timeout is due to a transient condition, so the situation\ncan be improved by just continuing to wait like with other I/O requests\nissued by storvsc, and avoiding the guaranteed panic. For a permanent\nfailure, continuing to wait may result in a hung thread instead of a panic,\nwhich again may be better.\n\nSo fix the panic by removing the storvsc call to fc_eh_timed_out(). This\nallows storvsc to keep waiting for a response. The change has been tested\nby users who experienced a panic in fc_eh_timed_out() due to transient\ntimeouts, and it solves their problem.\n\nIn the future we may want to deprecate the vFC functionality in storvsc\nsince it can\u0027t be fully fixed. But it has current users for whom it is\nworking well enough, so it should probably stay for a while longer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53245",
"url": "https://www.suse.com/security/cve/CVE-2023-53245"
},
{
"category": "external",
"summary": "SUSE Bug 1249641 for CVE-2023-53245",
"url": "https://bugzilla.suse.com/1249641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53245"
},
{
"cve": "CVE-2023-53247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand\n\nWhile trying to get the subpage blocksize tests running, I hit the\nfollowing panic on generic/476\n\n assertion failed: PagePrivate(page) \u0026\u0026 page-\u003eprivate, in fs/btrfs/subpage.c:229\n kernel BUG at fs/btrfs/subpage.c:229!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n CPU: 1 PID: 1453 Comm: fsstress Not tainted 6.4.0-rc7+ #12\n Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20230301gitf80f052277c8-26.fc38 03/01/2023\n pstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n pc : btrfs_subpage_assert+0xbc/0xf0\n lr : btrfs_subpage_assert+0xbc/0xf0\n Call trace:\n btrfs_subpage_assert+0xbc/0xf0\n btrfs_subpage_clear_checked+0x38/0xc0\n btrfs_page_clear_checked+0x48/0x98\n btrfs_truncate_block+0x5d0/0x6a8\n btrfs_cont_expand+0x5c/0x528\n btrfs_write_check.isra.0+0xf8/0x150\n btrfs_buffered_write+0xb4/0x760\n btrfs_do_write_iter+0x2f8/0x4b0\n btrfs_file_write_iter+0x1c/0x30\n do_iter_readv_writev+0xc8/0x158\n do_iter_write+0x9c/0x210\n vfs_iter_write+0x24/0x40\n iter_file_splice_write+0x224/0x390\n direct_splice_actor+0x38/0x68\n splice_direct_to_actor+0x12c/0x260\n do_splice_direct+0x90/0xe8\n generic_copy_file_range+0x50/0x90\n vfs_copy_file_range+0x29c/0x470\n __arm64_sys_copy_file_range+0xcc/0x498\n invoke_syscall.constprop.0+0x80/0xd8\n do_el0_svc+0x6c/0x168\n el0_svc+0x50/0x1b0\n el0t_64_sync_handler+0x114/0x120\n el0t_64_sync+0x194/0x198\n\nThis happens because during btrfs_cont_expand we\u0027ll get a page, set it\nas mapped, and if it\u0027s not Uptodate we\u0027ll read it. However between the\nread and re-locking the page we could have called release_folio() on the\npage, but left the page in the file mapping. release_folio() can clear\nthe page private, and thus further down we blow up when we go to modify\nthe subpage bits.\n\nFix this by putting the set_page_extent_mapped() after the read. This\nis safe because read_folio() will call set_page_extent_mapped() before\nit does the read, and then if we clear page private but leave it on the\nmapping we\u0027re completely safe re-setting set_page_extent_mapped(). With\nthis patch I can now run generic/476 without panicing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53247",
"url": "https://www.suse.com/security/cve/CVE-2023-53247"
},
{
"category": "external",
"summary": "SUSE Bug 1249870 for CVE-2023-53247",
"url": "https://bugzilla.suse.com/1249870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53247"
},
{
"cve": "CVE-2023-53248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: install stub fence into potential unused fence pointers\n\nWhen using cpu to update page tables, vm update fences are unused.\nInstall stub fence into these fence pointers instead of NULL\nto avoid NULL dereference when calling dma_fence_wait() on them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53248",
"url": "https://www.suse.com/security/cve/CVE-2023-53248"
},
{
"category": "external",
"summary": "SUSE Bug 1249779 for CVE-2023-53248",
"url": "https://bugzilla.suse.com/1249779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53248"
},
{
"cve": "CVE-2023-53249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe\n\nUse devm_of_iomap() instead of of_iomap() to automatically handle\nthe unused ioremap region.\n\nIf any error occurs, regions allocated by kzalloc() will leak,\nbut using devm_kzalloc() instead will automatically free the memory\nusing devm_kfree().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53249",
"url": "https://www.suse.com/security/cve/CVE-2023-53249"
},
{
"category": "external",
"summary": "SUSE Bug 1249642 for CVE-2023-53249",
"url": "https://bugzilla.suse.com/1249642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53249"
},
{
"cve": "CVE-2023-53251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler()\n\nrxq can be NULL only when trans_pcie-\u003erxq is NULL and entry-\u003eentry\nis zero. For the case when entry-\u003eentry is not equal to 0, rxq\nwon\u0027t be NULL even if trans_pcie-\u003erxq is NULL. Modify checker to\ncheck for trans_pcie-\u003erxq.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53251",
"url": "https://www.suse.com/security/cve/CVE-2023-53251"
},
{
"category": "external",
"summary": "SUSE Bug 1249730 for CVE-2023-53251",
"url": "https://bugzilla.suse.com/1249730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53251"
},
{
"cve": "CVE-2023-53252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: use RCU for hci_conn_params and iterate safely in hci_sync\n\nhci_update_accept_list_sync iterates over hdev-\u003epend_le_conns and\nhdev-\u003epend_le_reports, and waits for controller events in the loop body,\nwithout holding hdev lock.\n\nMeanwhile, these lists and the items may be modified e.g. by\nle_scan_cleanup. This can invalidate the list cursor or any other item\nin the list, resulting to invalid behavior (eg use-after-free).\n\nUse RCU for the hci_conn_params action lists. Since the loop bodies in\nhci_sync block and we cannot use RCU or hdev-\u003elock for the whole loop,\ncopy list items first and then iterate on the copy. Only the flags field\nis written from elsewhere, so READ_ONCE/WRITE_ONCE should guarantee we\nread valid values.\n\nFree params everywhere with hci_conn_params_free so the cleanup is\nguaranteed to be done properly.\n\nThis fixes the following, which can be triggered e.g. by BlueZ new\nmgmt-tester case \"Add + Remove Device Nowait - Success\", or by changing\nhci_le_set_cig_params to always return false, and running iso-tester:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\nRead of size 8 at addr ffff888001265018 by task kworker/u3:0/32\n\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (./arch/x86/include/asm/irqflags.h:134 lib/dump_stack.c:107)\nprint_report (mm/kasan/report.c:320 mm/kasan/report.c:430)\n? __virt_addr_valid (./include/linux/mmzone.h:1915 ./include/linux/mmzone.h:2011 arch/x86/mm/physaddr.c:65)\n? hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\nkasan_report (mm/kasan/report.c:538)\n? hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\nhci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2536 net/bluetooth/hci_sync.c:2723 net/bluetooth/hci_sync.c:2841)\n? __pfx_hci_update_passive_scan_sync (net/bluetooth/hci_sync.c:2780)\n? mutex_lock (kernel/locking/mutex.c:282)\n? __pfx_mutex_lock (kernel/locking/mutex.c:282)\n? __pfx_mutex_unlock (kernel/locking/mutex.c:538)\n? __pfx_update_passive_scan_sync (net/bluetooth/hci_sync.c:2861)\nhci_cmd_sync_work (net/bluetooth/hci_sync.c:306)\nprocess_one_work (./arch/x86/include/asm/preempt.h:27 kernel/workqueue.c:2399)\nworker_thread (./include/linux/list.h:292 kernel/workqueue.c:2538)\n? __pfx_worker_thread (kernel/workqueue.c:2480)\nkthread (kernel/kthread.c:376)\n? __pfx_kthread (kernel/kthread.c:331)\nret_from_fork (arch/x86/entry/entry_64.S:314)\n\u003c/TASK\u003e\n\nAllocated by task 31:\nkasan_save_stack (mm/kasan/common.c:46)\nkasan_set_track (mm/kasan/common.c:52)\n__kasan_kmalloc (mm/kasan/common.c:374 mm/kasan/common.c:383)\nhci_conn_params_add (./include/linux/slab.h:580 ./include/linux/slab.h:720 net/bluetooth/hci_core.c:2277)\nhci_connect_le_scan (net/bluetooth/hci_conn.c:1419 net/bluetooth/hci_conn.c:1589)\nhci_connect_cis (net/bluetooth/hci_conn.c:2266)\niso_connect_cis (net/bluetooth/iso.c:390)\niso_sock_connect (net/bluetooth/iso.c:899)\n__sys_connect (net/socket.c:2003 net/socket.c:2020)\n__x64_sys_connect (net/socket.c:2027)\ndo_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)\n\nFreed by task 15:\nkasan_save_stack (mm/kasan/common.c:46)\nkasan_set_track (mm/kasan/common.c:52)\nkasan_save_free_info (mm/kasan/generic.c:523)\n__kasan_slab_free (mm/kasan/common.c:238 mm/kasan/common.c:200 mm/kasan/common.c:244)\n__kmem_cache_free (mm/slub.c:1807 mm/slub.c:3787 mm/slub.c:3800)\nhci_conn_params_del (net/bluetooth/hci_core.c:2323)\nle_scan_cleanup (net/bluetooth/hci_conn.c:202)\nprocess_one_work (./arch/x86/include/asm/preempt.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53252",
"url": "https://www.suse.com/security/cve/CVE-2023-53252"
},
{
"category": "external",
"summary": "SUSE Bug 1249756 for CVE-2023-53252",
"url": "https://bugzilla.suse.com/1249756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53252"
},
{
"cve": "CVE-2023-53255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53255"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool()\n\nsvc_create_memory_pool() is only called from stratix10_svc_drv_probe().\nMost of resources in the probe are managed, but not this memremap() call.\n\nThere is also no memunmap() call in the file.\n\nSo switch to devm_memremap() to avoid a resource leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53255",
"url": "https://www.suse.com/security/cve/CVE-2023-53255"
},
{
"category": "external",
"summary": "SUSE Bug 1249762 for CVE-2023-53255",
"url": "https://bugzilla.suse.com/1249762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53255"
},
{
"cve": "CVE-2023-53257",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53257"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check S1G action frame size\n\nBefore checking the action code, check that it even\nexists in the frame.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53257",
"url": "https://www.suse.com/security/cve/CVE-2023-53257"
},
{
"category": "external",
"summary": "SUSE Bug 1249869 for CVE-2023-53257",
"url": "https://bugzilla.suse.com/1249869"
},
{
"category": "external",
"summary": "SUSE Bug 1250730 for CVE-2023-53257",
"url": "https://bugzilla.suse.com/1250730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53257"
},
{
"cve": "CVE-2023-53258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix possible underflow for displays with large vblank\n\n[Why]\nUnderflow observed when using a display with a large vblank region\nand low refresh rate\n\n[How]\nSimplify calculation of vblank_nom\n\nIncrease value for VBlankNomDefaultUS to 800us",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53258",
"url": "https://www.suse.com/security/cve/CVE-2023-53258"
},
{
"category": "external",
"summary": "SUSE Bug 1249780 for CVE-2023-53258",
"url": "https://bugzilla.suse.com/1249780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53258"
},
{
"cve": "CVE-2023-53260",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53260"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix null pointer dereference in ovl_permission()\n\nFollowing process:\n P1 P2\n path_lookupat\n link_path_walk\n inode_permission\n ovl_permission\n ovl_i_path_real(inode, \u0026realpath)\n path-\u003edentry = ovl_i_dentry_upper(inode)\n drop_cache\n\t\t\t __dentry_kill(ovl_dentry)\n\t\t iput(ovl_inode)\n\t\t ovl_destroy_inode(ovl_inode)\n\t\t dput(oi-\u003e__upperdentry)\n\t\t dentry_kill(upperdentry)\n\t\t dentry_unlink_inode\n\t\t\t\t upperdentry-\u003ed_inode = NULL\n realinode = d_inode(realpath.dentry) // return NULL\n inode_permission(realinode)\n inode-\u003ei_sb // NULL pointer dereference\n, will trigger an null pointer dereference at realinode:\n [ 335.664979] BUG: kernel NULL pointer dereference,\n address: 0000000000000002\n [ 335.668032] CPU: 0 PID: 2592 Comm: ls Not tainted 6.3.0\n [ 335.669956] RIP: 0010:inode_permission+0x33/0x2c0\n [ 335.678939] Call Trace:\n [ 335.679165] \u003cTASK\u003e\n [ 335.679371] ovl_permission+0xde/0x320\n [ 335.679723] inode_permission+0x15e/0x2c0\n [ 335.680090] link_path_walk+0x115/0x550\n [ 335.680771] path_lookupat.isra.0+0xb2/0x200\n [ 335.681170] filename_lookup+0xda/0x240\n [ 335.681922] vfs_statx+0xa6/0x1f0\n [ 335.682233] vfs_fstatat+0x7b/0xb0\n\nFetch a reproducer in [Link].\n\nUse the helper ovl_i_path_realinode() to get realinode and then do\nnon-nullptr checking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53260",
"url": "https://www.suse.com/security/cve/CVE-2023-53260"
},
{
"category": "external",
"summary": "SUSE Bug 1249768 for CVE-2023-53260",
"url": "https://bugzilla.suse.com/1249768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53260"
},
{
"cve": "CVE-2023-53261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: Fix memory leak in acpi_buffer-\u003epointer\n\nThere are memory leaks reported by kmemleak:\n...\nunreferenced object 0xffff00213c141000 (size 1024):\n comm \"systemd-udevd\", pid 2123, jiffies 4294909467 (age 6062.160s)\n hex dump (first 32 bytes):\n 04 00 00 00 02 00 00 00 18 10 14 3c 21 00 ff ff ...........\u003c!...\n 00 00 00 00 00 00 00 00 03 00 00 00 10 00 00 00 ................\n backtrace:\n [\u003c000000004b7c9001\u003e] __kmem_cache_alloc_node+0x2f8/0x348\n [\u003c00000000b0fc7ceb\u003e] __kmalloc+0x58/0x108\n [\u003c0000000064ff4695\u003e] acpi_os_allocate+0x2c/0x68\n [\u003c000000007d57d116\u003e] acpi_ut_initialize_buffer+0x54/0xe0\n [\u003c0000000024583908\u003e] acpi_evaluate_object+0x388/0x438\n [\u003c0000000017b2e72b\u003e] acpi_evaluate_object_typed+0xe8/0x240\n [\u003c000000005df0eac2\u003e] coresight_get_platform_data+0x1b4/0x988 [coresight]\n...\n\nThe ACPI buffer memory (buf.pointer) should be freed. But the buffer\nis also used after returning from acpi_get_dsd_graph().\nMove the temporary variables buf to acpi_coresight_parse_graph(),\nand free it before the function return to prevent memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53261",
"url": "https://www.suse.com/security/cve/CVE-2023-53261"
},
{
"category": "external",
"summary": "SUSE Bug 1249770 for CVE-2023-53261",
"url": "https://bugzilla.suse.com/1249770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53261"
},
{
"cve": "CVE-2023-53263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53263"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create\n\nWe can\u0027t simply free the connector after calling drm_connector_init on it.\nWe need to clean up the drm side first.\n\nIt might not fix all regressions from commit 2b5d1c29f6c4\n(\"drm/nouveau/disp: PIOR DP uses GPIO for HPD, not PMGR AUX interrupts\"),\nbut at least it fixes a memory corruption in error handling related to\nthat commit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53263",
"url": "https://www.suse.com/security/cve/CVE-2023-53263"
},
{
"category": "external",
"summary": "SUSE Bug 1249861 for CVE-2023-53263",
"url": "https://bugzilla.suse.com/1249861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53263"
},
{
"cve": "CVE-2023-53264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe\n\nUse devm_of_iomap() instead of of_iomap() to automatically\nhandle the unused ioremap region. If any error occurs, regions allocated by\nkzalloc() will leak, but using devm_kzalloc() instead will automatically\nfree the memory using devm_kfree().\n\nAlso, fix error handling of hws by adding unregister_hws label, which\nunregisters remaining hws when iomap failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53264",
"url": "https://www.suse.com/security/cve/CVE-2023-53264"
},
{
"category": "external",
"summary": "SUSE Bug 1249795 for CVE-2023-53264",
"url": "https://bugzilla.suse.com/1249795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53264"
},
{
"cve": "CVE-2023-53272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: fix shift-out-of-bounds in exponential backoff\n\nThe ENA adapters on our instances occasionally reset. Once recently\nlogged a UBSAN failure to console in the process:\n\n UBSAN: shift-out-of-bounds in build/linux/drivers/net/ethernet/amazon/ena/ena_com.c:540:13\n shift exponent 32 is too large for 32-bit type \u0027unsigned int\u0027\n CPU: 28 PID: 70012 Comm: kworker/u72:2 Kdump: loaded not tainted 5.15.117\n Hardware name: Amazon EC2 c5d.9xlarge/, BIOS 1.0 10/16/2017\n Workqueue: ena ena_fw_reset_device [ena]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_shift_out_of_bounds.cold+0x61/0x10e\n ? __const_udelay+0x43/0x50\n ena_delay_exponential_backoff_us.cold+0x16/0x1e [ena]\n wait_for_reset_state+0x54/0xa0 [ena]\n ena_com_dev_reset+0xc8/0x110 [ena]\n ena_down+0x3fe/0x480 [ena]\n ena_destroy_device+0xeb/0xf0 [ena]\n ena_fw_reset_device+0x30/0x50 [ena]\n process_one_work+0x22b/0x3d0\n worker_thread+0x4d/0x3f0\n ? process_one_work+0x3d0/0x3d0\n kthread+0x12a/0x150\n ? set_kthread_struct+0x50/0x50\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\nApparently, the reset delays are getting so large they can trigger a\nUBSAN panic.\n\nLooking at the code, the current timeout is capped at 5000us. Using a\nbase value of 100us, the current code will overflow after (1\u003c\u003c29). Even\nat values before 32, this function wraps around, perhaps\nunintentionally.\n\nCap the value of the exponent used for this backoff at (1\u003c\u003c16) which is\nlarger than currently necessary, but large enough to support bigger\nvalues in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53272",
"url": "https://www.suse.com/security/cve/CVE-2023-53272"
},
{
"category": "external",
"summary": "SUSE Bug 1249917 for CVE-2023-53272",
"url": "https://bugzilla.suse.com/1249917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53272"
},
{
"cve": "CVE-2023-53274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53274"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: mt8183: Add back SSPM related clocks\n\nThis reverts commit 860690a93ef23b567f781c1b631623e27190f101.\n\nOn the MT8183, the SSPM related clocks were removed claiming a lack of\nusage. This however causes some issues when the driver was converted to\nthe new simple-probe mechanism. This mechanism allocates enough space\nfor all the clocks defined in the clock driver, not the highest index\nin the DT binding. This leads to out-of-bound writes if their are holes\nin the DT binding or the driver (due to deprecated or unimplemented\nclocks). These errors can go unnoticed and cause memory corruption,\nleading to crashes in unrelated areas, or nothing at all. KASAN will\ndetect them.\n\nAdd the SSPM related clocks back to the MT8183 clock driver to fully\nimplement the DT binding. The SSPM clocks are for the power management\nco-processor, and should never be turned off. They are marked as such.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53274",
"url": "https://www.suse.com/security/cve/CVE-2023-53274"
},
{
"category": "external",
"summary": "SUSE Bug 1249919 for CVE-2023-53274",
"url": "https://bugzilla.suse.com/1249919"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53274"
},
{
"cve": "CVE-2023-53275",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53275"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync()\n\nThe variable codec-\u003eregmap is often protected by the lock\ncodec-\u003eregmap_lock when is accessed. However, it is accessed without\nholding the lock when is accessed in snd_hdac_regmap_sync():\n\n if (codec-\u003eregmap)\n\nIn my opinion, this may be a harmful race, because if codec-\u003eregmap is\nset to NULL right after the condition is checked, a null-pointer\ndereference can occur in the called function regcache_sync():\n\n map-\u003elock(map-\u003elock_arg); --\u003e Line 360 in drivers/base/regmap/regcache.c\n\nTo fix this possible null-pointer dereference caused by data race, the\nmutex_lock coverage is extended to protect the if statement as well as the\nfunction call to regcache_sync().\n\n[ Note: the lack of the regmap_lock itself is harmless for the current\n codec driver implementations, as snd_hdac_regmap_sync() is only for\n PM runtime resume that is prohibited during the codec probe.\n But the change makes the whole code more consistent, so it\u0027s merged\n as is -- tiwai ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53275",
"url": "https://www.suse.com/security/cve/CVE-2023-53275"
},
{
"category": "external",
"summary": "SUSE Bug 1250459 for CVE-2023-53275",
"url": "https://bugzilla.suse.com/1250459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53275"
},
{
"cve": "CVE-2023-53280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53280"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Remove unused nvme_ls_waitq wait queue\n\nSystem crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up\ngets called for uninitialized wait queue sp-\u003envme_ls_waitq.\n\n qla2xxx [0000:37:00.1]-2121:5: Returning existing qpair of ffff8ae2c0513400 for idx=0\n qla2xxx [0000:37:00.1]-700e:5: qla2x00_start_sp failed = 11\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n\nRemove unused nvme_ls_waitq wait queue. nvme_ls_waitq logic was removed\npreviously in the commits tagged Fixed: below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53280",
"url": "https://www.suse.com/security/cve/CVE-2023-53280"
},
{
"category": "external",
"summary": "SUSE Bug 1249938 for CVE-2023-53280",
"url": "https://bugzilla.suse.com/1249938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53280"
},
{
"cve": "CVE-2023-53286",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53286"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Return the firmware result upon destroying QP/RQ\n\nPreviously when destroying a QP/RQ, the result of the firmware\ndestruction function was ignored and upper layers weren\u0027t informed\nabout the failure.\nWhich in turn could lead to various problems since when upper layer\nisn\u0027t aware of the failure it continues its operation thinking that the\nrelated QP/RQ was successfully destroyed while it actually wasn\u0027t,\nwhich could lead to the below kernel WARN.\n\nCurrently, we return the correct firmware destruction status to upper\nlayers which in case of the RQ would be mlx5_ib_destroy_wq() which\nwas already capable of handling RQ destruction failure or in case of\na QP to destroy_qp_common(), which now would actually warn upon qp\ndestruction failure.\n\nWARNING: CPU: 3 PID: 995 at drivers/infiniband/core/rdma_core.c:940 uverbs_destroy_ufile_hw+0xcb/0xe0 [ib_uverbs]\nModules linked in: xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_umad ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core overlay mlx5_core fuse\nCPU: 3 PID: 995 Comm: python3 Not tainted 5.16.0-rc5+ #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:uverbs_destroy_ufile_hw+0xcb/0xe0 [ib_uverbs]\nCode: 41 5c 41 5d 41 5e e9 44 34 f0 e0 48 89 df e8 4c 77 ff ff 49 8b 86 10 01 00 00 48 85 c0 74 a1 4c 89 e7 ff d0 eb 9a 0f 0b eb c1 \u003c0f\u003e 0b be 04 00 00 00 48 89 df e8 b6 f6 ff ff e9 75 ff ff ff 90 0f\nRSP: 0018:ffff8881533e3e78 EFLAGS: 00010287\nRAX: ffff88811b2cf3e0 RBX: ffff888106209700 RCX: 0000000000000000\nRDX: ffff888106209780 RSI: ffff8881533e3d30 RDI: ffff888109b101a0\nRBP: 0000000000000001 R08: ffff888127cb381c R09: 0de9890000000009\nR10: ffff888127cb3800 R11: 0000000000000000 R12: ffff888106209780\nR13: ffff888106209750 R14: ffff888100f20660 R15: 0000000000000000\nFS: 00007f8be353b740(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8bd5b117c0 CR3: 000000012cd8a004 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ib_uverbs_close+0x1a/0x90 [ib_uverbs]\n __fput+0x82/0x230\n task_work_run+0x59/0x90\n exit_to_user_mode_prepare+0x138/0x140\n syscall_exit_to_user_mode+0x1d/0x50\n ? __x64_sys_close+0xe/0x40\n do_syscall_64+0x4a/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f8be3ae0abb\nCode: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 83 43 f9 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 c1 43 f9 ff 8b 44\nRSP: 002b:00007ffdb51909c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003\nRAX: 0000000000000000 RBX: 0000557bb7f7c020 RCX: 00007f8be3ae0abb\nRDX: 0000557bb7c74010 RSI: 0000557bb7f14ca0 RDI: 0000000000000005\nRBP: 0000557bb7fbd598 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000293 R12: 0000557bb7fbd5b8\nR13: 0000557bb7fbd5a8 R14: 0000000000001000 R15: 0000557bb7f7c020\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53286",
"url": "https://www.suse.com/security/cve/CVE-2023-53286"
},
{
"category": "external",
"summary": "SUSE Bug 1250325 for CVE-2023-53286",
"url": "https://bugzilla.suse.com/1250325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53286"
},
{
"cve": "CVE-2023-53287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53287"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Put the cdns set active part outside the spin lock\n\nThe device may be scheduled during the resume process,\nso this cannot appear in atomic operations. Since\npm_runtime_set_active will resume suppliers, put set\nactive outside the spin lock, which is only used to\nprotect the struct cdns data structure, otherwise the\nkernel will report the following warning:\n\n BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n CPU: 0 PID: 651 Comm: sh Tainted: G WC 6.1.20 #1\n Hardware name: Freescale i.MX8QM MEK (DT)\n Call trace:\n dump_backtrace.part.0+0xe0/0xf0\n show_stack+0x18/0x30\n dump_stack_lvl+0x64/0x80\n dump_stack+0x1c/0x38\n __might_resched+0x1fc/0x240\n __might_sleep+0x68/0xc0\n __pm_runtime_resume+0x9c/0xe0\n rpm_get_suppliers+0x68/0x1b0\n __pm_runtime_set_status+0x298/0x560\n cdns_resume+0xb0/0x1c0\n cdns3_controller_resume.isra.0+0x1e0/0x250\n cdns3_plat_resume+0x28/0x40",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53287",
"url": "https://www.suse.com/security/cve/CVE-2023-53287"
},
{
"category": "external",
"summary": "SUSE Bug 1250089 for CVE-2023-53287",
"url": "https://bugzilla.suse.com/1250089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53287"
},
{
"cve": "CVE-2023-53288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53288"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fix memory leak in drm_client_modeset_probe\n\nWhen a new mode is set to modeset-\u003emode, the previous mode should be freed.\nThis fixes the following kmemleak report:\n\ndrm_mode_duplicate+0x45/0x220 [drm]\ndrm_client_modeset_probe+0x944/0xf50 [drm]\n__drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]\ndrm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]\ndrm_client_register+0x169/0x240 [drm]\nast_pci_probe+0x142/0x190 [ast]\nlocal_pci_probe+0xdc/0x180\nwork_for_cpu_fn+0x4e/0xa0\nprocess_one_work+0x8b7/0x1540\nworker_thread+0x70a/0xed0\nkthread+0x29f/0x340\nret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53288",
"url": "https://www.suse.com/security/cve/CVE-2023-53288"
},
{
"category": "external",
"summary": "SUSE Bug 1250058 for CVE-2023-53288",
"url": "https://bugzilla.suse.com/1250058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53288"
},
{
"cve": "CVE-2023-53291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53291"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale\n\nRunning the \u0027kfree_rcu_test\u0027 test case [1] results in a splat [2].\nThe root cause is the kfree_scale_thread thread(s) continue running\nafter unloading the rcuscale module. This commit fixes that isue by\ninvoking kfree_scale_cleanup() from rcu_scale_cleanup() when removing\nthe rcuscale module.\n\n[1] modprobe rcuscale kfree_rcu_test=1\n // After some time\n rmmod rcuscale\n rmmod torture\n\n[2] BUG: unable to handle page fault for address: ffffffffc0601a87\n #PF: supervisor instruction fetch in kernel mode\n #PF: error_code(0x0010) - not-present page\n PGD 11de4f067 P4D 11de4f067 PUD 11de51067 PMD 112f4d067 PTE 0\n Oops: 0010 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1798 Comm: kfree_scale_thr Not tainted 6.3.0-rc1-rcu+ #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:0xffffffffc0601a87\n Code: Unable to access opcode bytes at 0xffffffffc0601a5d.\n RSP: 0018:ffffb25bc2e57e18 EFLAGS: 00010297\n RAX: 0000000000000000 RBX: ffffffffc061f0b6 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffffff962fd0de RDI: ffffffff962fd0de\n RBP: ffffb25bc2e57ea8 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000\n R13: 0000000000000000 R14: 000000000000000a R15: 00000000001c1dbe\n FS: 0000000000000000(0000) GS:ffff921fa2200000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffc0601a5d CR3: 000000011de4c006 CR4: 0000000000370ee0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? kvfree_call_rcu+0xf0/0x3a0\n ? kthread+0xf3/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ? ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n Modules linked in: rfkill sunrpc ... [last unloaded: torture]\n CR2: ffffffffc0601a87\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53291",
"url": "https://www.suse.com/security/cve/CVE-2023-53291"
},
{
"category": "external",
"summary": "SUSE Bug 1249926 for CVE-2023-53291",
"url": "https://bugzilla.suse.com/1249926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53291"
},
{
"cve": "CVE-2023-53292",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53292"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix NULL dereference on q-\u003eelevator in blk_mq_elv_switch_none\n\nAfter grabbing q-\u003esysfs_lock, q-\u003eelevator may become NULL because of\nelevator switch.\n\nFix the NULL dereference on q-\u003eelevator by checking it with lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53292",
"url": "https://www.suse.com/security/cve/CVE-2023-53292"
},
{
"category": "external",
"summary": "SUSE Bug 1250163 for CVE-2023-53292",
"url": "https://bugzilla.suse.com/1250163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53292"
},
{
"cve": "CVE-2023-53303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: microchip: vcap api: Fix possible memory leak for vcap_dup_rule()\n\nInject fault When select CONFIG_VCAP_KUNIT_TEST, the below memory leak\noccurs. If kzalloc() for duprule succeeds, but the following\nkmemdup() fails, the duprule, ckf and caf memory will be leaked. So kfree\nthem in the error path.\n\nunreferenced object 0xffff122744c50600 (size 192):\n comm \"kunit_try_catch\", pid 346, jiffies 4294896122 (age 911.812s)\n hex dump (first 32 bytes):\n 10 27 00 00 04 00 00 00 1e 00 00 00 2c 01 00 00 .\u0027..........,...\n 00 00 00 00 00 00 00 00 18 06 c5 44 27 12 ff ff ...........D\u0027...\n backtrace:\n [\u003c00000000394b0db8\u003e] __kmem_cache_alloc_node+0x274/0x2f8\n [\u003c0000000001bedc67\u003e] kmalloc_trace+0x38/0x88\n [\u003c00000000b0612f98\u003e] vcap_dup_rule+0x50/0x460\n [\u003c000000005d2d3aca\u003e] vcap_add_rule+0x8cc/0x1038\n [\u003c00000000eef9d0f8\u003e] test_vcap_xn_rule_creator.constprop.0.isra.0+0x238/0x494\n [\u003c00000000cbda607b\u003e] vcap_api_rule_remove_in_front_test+0x1ac/0x698\n [\u003c00000000c8766299\u003e] kunit_try_run_case+0xe0/0x20c\n [\u003c00000000c4fe9186\u003e] kunit_generic_run_threadfn_adapter+0x50/0x94\n [\u003c00000000f6864acf\u003e] kthread+0x2e8/0x374\n [\u003c0000000022e639b3\u003e] ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53303",
"url": "https://www.suse.com/security/cve/CVE-2023-53303"
},
{
"category": "external",
"summary": "SUSE Bug 1249896 for CVE-2023-53303",
"url": "https://bugzilla.suse.com/1249896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53303"
},
{
"cve": "CVE-2023-53304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_rbtree: fix overlap expiration walk\n\nThe lazy gc on insert that should remove timed-out entries fails to release\nthe other half of the interval, if any.\n\nCan be reproduced with tests/shell/testcases/sets/0044interval_overlap_0\nin nftables.git and kmemleak enabled kernel.\n\nSecond bug is the use of rbe_prev vs. prev pointer.\nIf rbe_prev() returns NULL after at least one iteration, rbe_prev points\nto element that is not an end interval, hence it should not be removed.\n\nLastly, check the genmask of the end interval if this is active in the\ncurrent generation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53304",
"url": "https://www.suse.com/security/cve/CVE-2023-53304"
},
{
"category": "external",
"summary": "SUSE Bug 1249923 for CVE-2023-53304",
"url": "https://bugzilla.suse.com/1249923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53304"
},
{
"cve": "CVE-2023-53305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix use-after-free\n\nFix potential use-after-free in l2cap_le_command_rej.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53305",
"url": "https://www.suse.com/security/cve/CVE-2023-53305"
},
{
"category": "external",
"summary": "SUSE Bug 1250049 for CVE-2023-53305",
"url": "https://bugzilla.suse.com/1250049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53305"
},
{
"cve": "CVE-2023-53309",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53309"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: Fix integer overflow in radeon_cs_parser_init\n\nThe type of size is unsigned, if size is 0x40000000, there will be an\ninteger overflow, size will be zero after size *= sizeof(uint32_t),\nwill cause uninitialized memory to be referenced later",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53309",
"url": "https://www.suse.com/security/cve/CVE-2023-53309"
},
{
"category": "external",
"summary": "SUSE Bug 1250055 for CVE-2023-53309",
"url": "https://bugzilla.suse.com/1250055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53309"
},
{
"cve": "CVE-2023-53311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53311"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput\n\nDuring unmount process of nilfs2, nothing holds nilfs_root structure after\nnilfs2 detaches its writer in nilfs_detach_log_writer(). Previously,\nnilfs_evict_inode() could cause use-after-free read for nilfs_root if\ninodes are left in \"garbage_list\" and released by nilfs_dispose_list at\nthe end of nilfs_detach_log_writer(), and this bug was fixed by commit\n9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root in\nnilfs_evict_inode()\").\n\nHowever, it turned out that there is another possibility of UAF in the\ncall path where mark_inode_dirty_sync() is called from iput():\n\nnilfs_detach_log_writer()\n nilfs_dispose_list()\n iput()\n mark_inode_dirty_sync()\n __mark_inode_dirty()\n nilfs_dirty_inode()\n __nilfs_mark_inode_dirty()\n nilfs_load_inode_block() --\u003e causes UAF of nilfs_root struct\n\nThis can happen after commit 0ae45f63d4ef (\"vfs: add support for a\nlazytime mount option\"), which changed iput() to call\nmark_inode_dirty_sync() on its final reference if i_state has I_DIRTY_TIME\nflag and i_nlink is non-zero.\n\nThis issue appears after commit 28a65b49eb53 (\"nilfs2: do not write dirty\ndata after degenerating to read-only\") when using the syzbot reproducer,\nbut the issue has potentially existed before.\n\nFix this issue by adding a \"purging flag\" to the nilfs structure, setting\nthat flag while disposing the \"garbage_list\" and checking it in\n__nilfs_mark_inode_dirty().\n\nUnlike commit 9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root\nin nilfs_evict_inode()\"), this patch does not rely on ns_writer to\ndetermine whether to skip operations, so as not to break recovery on\nmount. The nilfs_salvage_orphan_logs routine dirties the buffer of\nsalvaged data before attaching the log writer, so changing\n__nilfs_mark_inode_dirty() to skip the operation when ns_writer is NULL\nwill cause recovery write to fail. The purpose of using the cleanup-only\nflag is to allow for narrowing of such conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53311",
"url": "https://www.suse.com/security/cve/CVE-2023-53311"
},
{
"category": "external",
"summary": "SUSE Bug 1250062 for CVE-2023-53311",
"url": "https://bugzilla.suse.com/1250062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53311"
},
{
"cve": "CVE-2023-53312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53312"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix net_dev_start_xmit trace event vs skb_transport_offset()\n\nAfter blamed commit, we must be more careful about using\nskb_transport_offset(), as reminded us by syzbot:\n\nWARNING: CPU: 0 PID: 10 at include/linux/skbuff.h:2868 skb_transport_offset include/linux/skbuff.h:2977 [inline]\nWARNING: CPU: 0 PID: 10 at include/linux/skbuff.h:2868 perf_trace_net_dev_start_xmit+0x89a/0xce0 include/trace/events/net.h:14\nModules linked in:\nCPU: 0 PID: 10 Comm: kworker/u4:1 Not tainted 6.1.30-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet\nRIP: 0010:skb_transport_header include/linux/skbuff.h:2868 [inline]\nRIP: 0010:skb_transport_offset include/linux/skbuff.h:2977 [inline]\nRIP: 0010:perf_trace_net_dev_start_xmit+0x89a/0xce0 include/trace/events/net.h:14\nCode: 8b 04 25 28 00 00 00 48 3b 84 24 c0 00 00 00 0f 85 4e 04 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc e8 56 22 01 fd \u003c0f\u003e 0b e9 f6 fc ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 86 f9 ff\nRSP: 0018:ffffc900002bf700 EFLAGS: 00010293\nRAX: ffffffff8485d8ca RBX: 000000000000ffff RCX: ffff888100914280\nRDX: 0000000000000000 RSI: 000000000000ffff RDI: 000000000000ffff\nRBP: ffffc900002bf818 R08: ffffffff8485d5b6 R09: fffffbfff0f8fb5e\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff110217d8f67\nR13: ffff88810bec7b3a R14: dffffc0000000000 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ffff8881f6a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f96cf6d52f0 CR3: 000000012224c000 CR4: 0000000000350ef0\nCall Trace:\n\u003cTASK\u003e\n[\u003cffffffff84715e35\u003e] trace_net_dev_start_xmit include/trace/events/net.h:14 [inline]\n[\u003cffffffff84715e35\u003e] xmit_one net/core/dev.c:3643 [inline]\n[\u003cffffffff84715e35\u003e] dev_hard_start_xmit+0x705/0x980 net/core/dev.c:3660\n[\u003cffffffff8471a232\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff85416493\u003e] dev_queue_xmit include/linux/netdevice.h:3030 [inline]\n[\u003cffffffff85416493\u003e] batadv_send_skb_packet+0x3f3/0x680 net/batman-adv/send.c:108\n[\u003cffffffff85416744\u003e] batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n[\u003cffffffff853bc52a\u003e] batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:393 [inline]\n[\u003cffffffff853bc52a\u003e] batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:421 [inline]\n[\u003cffffffff853bc52a\u003e] batadv_iv_send_outstanding_bat_ogm_packet+0x69a/0x840 net/batman-adv/bat_iv_ogm.c:1701\n[\u003cffffffff8151023c\u003e] process_one_work+0x8ac/0x1170 kernel/workqueue.c:2289\n[\u003cffffffff81511938\u003e] worker_thread+0xaa8/0x12d0 kernel/workqueue.c:2436",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53312",
"url": "https://www.suse.com/security/cve/CVE-2023-53312"
},
{
"category": "external",
"summary": "SUSE Bug 1250063 for CVE-2023-53312",
"url": "https://bugzilla.suse.com/1250063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53312"
},
{
"cve": "CVE-2023-53313",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53313"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix wrong setting of max_corr_read_errors\n\nThere is no input check when echo md/max_read_errors and overflow might\noccur. Add check of input number.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53313",
"url": "https://www.suse.com/security/cve/CVE-2023-53313"
},
{
"category": "external",
"summary": "SUSE Bug 1249911 for CVE-2023-53313",
"url": "https://bugzilla.suse.com/1249911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53313"
},
{
"cve": "CVE-2023-53314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53314"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev/ep93xx-fb: Do not assign to struct fb_info.dev\n\nDo not assing the Linux device to struct fb_info.dev. The call to\nregister_framebuffer() initializes the field to the fbdev device.\nDrivers should not override its value.\n\nFixes a bug where the driver incorrectly decreases the hardware\ndevice\u0027s reference counter and leaks the fbdev device.\n\nv2:\n\t* add Fixes tag (Dan)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53314",
"url": "https://www.suse.com/security/cve/CVE-2023-53314"
},
{
"category": "external",
"summary": "SUSE Bug 1250065 for CVE-2023-53314",
"url": "https://bugzilla.suse.com/1250065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53314"
},
{
"cve": "CVE-2023-53316",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53316"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: Free resources after unregistering them\n\nThe DP component\u0027s unbind operation walks through the submodules to\nunregister and clean things up. But if the unbind happens because the DP\ncontroller itself is being removed, all the memory for those submodules\nhas just been freed.\n\nChange the order of these operations to avoid the many use-after-free\nthat otherwise happens in this code path.\n\nPatchwork: https://patchwork.freedesktop.org/patch/542166/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53316",
"url": "https://www.suse.com/security/cve/CVE-2023-53316"
},
{
"category": "external",
"summary": "SUSE Bug 1250066 for CVE-2023-53316",
"url": "https://bugzilla.suse.com/1250066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53316"
},
{
"cve": "CVE-2023-53319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53319"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm\n\nCurrently there is no synchronisation between finalize_pkvm() and\nkvm_arm_init() initcalls. The finalize_pkvm() proceeds happily even if\nkvm_arm_init() fails resulting in the following warning on all the CPUs\nand eventually a HYP panic:\n\n | kvm [1]: IPA Size Limit: 48 bits\n | kvm [1]: Failed to init hyp memory protection\n | kvm [1]: error initializing Hyp mode: -22\n |\n | \u003csnip\u003e\n |\n | WARNING: CPU: 0 PID: 0 at arch/arm64/kvm/pkvm.c:226 _kvm_host_prot_finalize+0x30/0x50\n | Modules linked in:\n | CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.4.0 #237\n | Hardware name: FVP Base RevC (DT)\n | pstate: 634020c5 (nZCv daIF +PAN -UAO +TCO +DIT -SSBS BTYPE=--)\n | pc : _kvm_host_prot_finalize+0x30/0x50\n | lr : __flush_smp_call_function_queue+0xd8/0x230\n |\n | Call trace:\n | _kvm_host_prot_finalize+0x3c/0x50\n | on_each_cpu_cond_mask+0x3c/0x6c\n | pkvm_drop_host_privileges+0x4c/0x78\n | finalize_pkvm+0x3c/0x5c\n | do_one_initcall+0xcc/0x240\n | do_initcall_level+0x8c/0xac\n | do_initcalls+0x54/0x94\n | do_basic_setup+0x1c/0x28\n | kernel_init_freeable+0x100/0x16c\n | kernel_init+0x20/0x1a0\n | ret_from_fork+0x10/0x20\n | Failed to finalize Hyp protection: -22\n | dtb=fvp-base-revc.dtb\n | kvm [95]: nVHE hyp BUG at: arch/arm64/kvm/hyp/nvhe/mem_protect.c:540!\n | kvm [95]: nVHE call trace:\n | kvm [95]: [\u003cffff800081052984\u003e] __kvm_nvhe_hyp_panic+0xac/0xf8\n | kvm [95]: [\u003cffff800081059644\u003e] __kvm_nvhe_handle_host_mem_abort+0x1a0/0x2ac\n | kvm [95]: [\u003cffff80008105511c\u003e] __kvm_nvhe_handle_trap+0x4c/0x160\n | kvm [95]: [\u003cffff8000810540fc\u003e] __kvm_nvhe___skip_pauth_save+0x4/0x4\n | kvm [95]: ---[ end nVHE call trace ]---\n | kvm [95]: Hyp Offset: 0xfffe8db00ffa0000\n | Kernel panic - not syncing: HYP panic:\n | PS:a34023c9 PC:0000f250710b973c ESR:00000000f2000800\n | FAR:ffff000800cb00d0 HPFAR:000000000880cb00 PAR:0000000000000000\n | VCPU:0000000000000000\n | CPU: 3 PID: 95 Comm: kworker/u16:2 Tainted: G W 6.4.0 #237\n | Hardware name: FVP Base RevC (DT)\n | Workqueue: rpciod rpc_async_schedule\n | Call trace:\n | dump_backtrace+0xec/0x108\n | show_stack+0x18/0x2c\n | dump_stack_lvl+0x50/0x68\n | dump_stack+0x18/0x24\n | panic+0x138/0x33c\n | nvhe_hyp_panic_handler+0x100/0x184\n | new_slab+0x23c/0x54c\n | ___slab_alloc+0x3e4/0x770\n | kmem_cache_alloc_node+0x1f0/0x278\n | __alloc_skb+0xdc/0x294\n | tcp_stream_alloc_skb+0x2c/0xf0\n | tcp_sendmsg_locked+0x3d0/0xda4\n | tcp_sendmsg+0x38/0x5c\n | inet_sendmsg+0x44/0x60\n | sock_sendmsg+0x1c/0x34\n | xprt_sock_sendmsg+0xdc/0x274\n | xs_tcp_send_request+0x1ac/0x28c\n | xprt_transmit+0xcc/0x300\n | call_transmit+0x78/0x90\n | __rpc_execute+0x114/0x3d8\n | rpc_async_schedule+0x28/0x48\n | process_one_work+0x1d8/0x314\n | worker_thread+0x248/0x474\n | kthread+0xfc/0x184\n | ret_from_fork+0x10/0x20\n | SMP: stopping secondary CPUs\n | Kernel Offset: 0x57c5cb460000 from 0xffff800080000000\n | PHYS_OFFSET: 0x80000000\n | CPU features: 0x00000000,1035b7a3,ccfe773f\n | Memory Limit: none\n | ---[ end Kernel panic - not syncing: HYP panic:\n | PS:a34023c9 PC:0000f250710b973c ESR:00000000f2000800\n | FAR:ffff000800cb00d0 HPFAR:000000000880cb00 PAR:0000000000000000\n | VCPU:0000000000000000 ]---\n\nFix it by checking for the successfull initialisation of kvm_arm_init()\nin finalize_pkvm() before proceeding any futher.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53319",
"url": "https://www.suse.com/security/cve/CVE-2023-53319"
},
{
"category": "external",
"summary": "SUSE Bug 1250067 for CVE-2023-53319",
"url": "https://bugzilla.suse.com/1250067"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53319"
},
{
"cve": "CVE-2023-53321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53321"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211_hwsim: drop short frames\n\nWhile technically some control frames like ACK are shorter and\nend after Address 1, such frames shouldn\u0027t be forwarded through\nwmediumd or similar userspace, so require the full 3-address\nheader to avoid accessing invalid memory if shorter frames are\npassed in.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53321",
"url": "https://www.suse.com/security/cve/CVE-2023-53321"
},
{
"category": "external",
"summary": "SUSE Bug 1250313 for CVE-2023-53321",
"url": "https://bugzilla.suse.com/1250313"
},
{
"category": "external",
"summary": "SUSE Bug 1250314 for CVE-2023-53321",
"url": "https://bugzilla.suse.com/1250314"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53321"
},
{
"cve": "CVE-2023-53322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53322"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Wait for io return on terminate rport\n\nSystem crash due to use after free.\nCurrent code allows terminate_rport_io to exit before making\nsure all IOs has returned. For FCP-2 device, IO\u0027s can hang\non in HW because driver has not tear down the session in FW at\nfirst sign of cable pull. When dev_loss_tmo timer pops,\nterminate_rport_io is called and upper layer is about to\nfree various resources. Terminate_rport_io trigger qla to do\nthe final cleanup, but the cleanup might not be fast enough where it\nleave qla still holding on to the same resource.\n\nWait for IO\u0027s to return to upper layer before resources are freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53322",
"url": "https://www.suse.com/security/cve/CVE-2023-53322"
},
{
"category": "external",
"summary": "SUSE Bug 1250323 for CVE-2023-53322",
"url": "https://bugzilla.suse.com/1250323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53322"
},
{
"cve": "CVE-2023-53323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53323"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next2/dax: Fix ext2_setsize when len is page aligned\n\nPAGE_ALIGN(x) macro gives the next highest value which is multiple of\npagesize. But if x is already page aligned then it simply returns x.\nSo, if x passed is 0 in dax_zero_range() function, that means the\nlength gets passed as 0 to -\u003eiomap_begin().\n\nIn ext2 it then calls ext2_get_blocks -\u003e max_blocks as 0 and hits bug_on\nhere in ext2_get_blocks().\n\tBUG_ON(maxblocks == 0);\n\nInstead we should be calling dax_truncate_page() here which takes\ncare of it. i.e. it only calls dax_zero_range if the offset is not\npage/block aligned.\n\nThis can be easily triggered with following on fsdax mounted pmem\ndevice.\n\ndd if=/dev/zero of=file count=1 bs=512\ntruncate -s 0 file\n\n[79.525838] EXT2-fs (pmem0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk\n[79.529376] ext2 filesystem being mounted at /mnt1/test supports timestamps until 2038 (0x7fffffff)\n[93.793207] ------------[ cut here ]------------\n[93.795102] kernel BUG at fs/ext2/inode.c:637!\n[93.796904] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[93.798659] CPU: 0 PID: 1192 Comm: truncate Not tainted 6.3.0-rc2-xfstests-00056-g131086faa369 #139\n[93.806459] RIP: 0010:ext2_get_blocks.constprop.0+0x524/0x610\n\u003c...\u003e\n[93.835298] Call Trace:\n[93.836253] \u003cTASK\u003e\n[93.837103] ? lock_acquire+0xf8/0x110\n[93.838479] ? d_lookup+0x69/0xd0\n[93.839779] ext2_iomap_begin+0xa7/0x1c0\n[93.841154] iomap_iter+0xc7/0x150\n[93.842425] dax_zero_range+0x6e/0xa0\n[93.843813] ext2_setsize+0x176/0x1b0\n[93.845164] ext2_setattr+0x151/0x200\n[93.846467] notify_change+0x341/0x4e0\n[93.847805] ? lock_acquire+0xf8/0x110\n[93.849143] ? do_truncate+0x74/0xe0\n[93.850452] ? do_truncate+0x84/0xe0\n[93.851739] do_truncate+0x84/0xe0\n[93.852974] do_sys_ftruncate+0x2b4/0x2f0\n[93.854404] do_syscall_64+0x3f/0x90\n[93.855789] entry_SYSCALL_64_after_hwframe+0x72/0xdc",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53323",
"url": "https://www.suse.com/security/cve/CVE-2023-53323"
},
{
"category": "external",
"summary": "SUSE Bug 1250069 for CVE-2023-53323",
"url": "https://bugzilla.suse.com/1250069"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53323"
},
{
"cve": "CVE-2023-53324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Don\u0027t leak some plane state\n\nApparently no one noticed that mdp5 plane states leak like a sieve\never since we introduced plane_state-\u003ecommit refcount a few years ago\nin 21a01abbe32a (\"drm/atomic: Fix freeing connector/plane state too\nearly by tracking commits, v3.\")\n\nFix it by using the right helpers.\n\nPatchwork: https://patchwork.freedesktop.org/patch/551236/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53324",
"url": "https://www.suse.com/security/cve/CVE-2023-53324"
},
{
"category": "external",
"summary": "SUSE Bug 1250070 for CVE-2023-53324",
"url": "https://bugzilla.suse.com/1250070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53324"
},
{
"cve": "CVE-2023-53325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: Change logging to dev for mtk_dp_aux_transfer()\n\nChange logging from drm_{err,info}() to dev_{err,info}() in functions\nmtk_dp_aux_transfer() and mtk_dp_aux_do_transfer(): this will be\nessential to avoid getting NULL pointer kernel panics if any kind\nof error happens during AUX transfers happening before the bridge\nis attached.\n\nThis may potentially start happening in a later commit implementing\naux-bus support, as AUX transfers will be triggered from the panel\ndriver (for EDID) before the mtk-dp bridge gets attached, and it\u0027s\ndone in preparation for the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53325",
"url": "https://www.suse.com/security/cve/CVE-2023-53325"
},
{
"category": "external",
"summary": "SUSE Bug 1250035 for CVE-2023-53325",
"url": "https://bugzilla.suse.com/1250035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53325"
},
{
"cve": "CVE-2023-53328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Enhance sanity check while generating attr_list\n\nni_create_attr_list uses WARN_ON to catch error cases while generating\nattribute list, which only prints out stack trace and may not be enough.\nThis repalces them with more proper error handling flow.\n\n[ 59.666332] BUG: kernel NULL pointer dereference, address: 000000000000000e\n[ 59.673268] #PF: supervisor read access in kernel mode\n[ 59.678354] #PF: error_code(0x0000) - not-present page\n[ 59.682831] PGD 8000000005ff1067 P4D 8000000005ff1067 PUD 7dee067 PMD 0\n[ 59.688556] Oops: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 59.692642] CPU: 0 PID: 198 Comm: poc Tainted: G B W 6.2.0-rc1+ #4\n[ 59.698868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 59.708795] RIP: 0010:ni_create_attr_list+0x505/0x860\n[ 59.713657] Code: 7e 10 e8 5e d0 d0 ff 45 0f b7 76 10 48 8d 7b 16 e8 00 d1 d0 ff 66 44 89 73 16 4d 8d 75 0e 4c 89 f7 e8 3f d0 d0 ff 4c 8d8\n[ 59.731559] RSP: 0018:ffff88800a56f1e0 EFLAGS: 00010282\n[ 59.735691] RAX: 0000000000000001 RBX: ffff88800b7b5088 RCX: ffffffffb83079fe\n[ 59.741792] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffffbb7f9fc0\n[ 59.748423] RBP: ffff88800a56f3a8 R08: ffff88800b7b50a0 R09: fffffbfff76ff3f9\n[ 59.754654] R10: ffffffffbb7f9fc7 R11: fffffbfff76ff3f8 R12: ffff88800b756180\n[ 59.761552] R13: 0000000000000000 R14: 000000000000000e R15: 0000000000000050\n[ 59.768323] FS: 00007feaa8c96440(0000) GS:ffff88806d400000(0000) knlGS:0000000000000000\n[ 59.776027] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 59.781395] CR2: 00007f3a2e0b1000 CR3: 000000000a5bc000 CR4: 00000000000006f0\n[ 59.787607] Call Trace:\n[ 59.790271] \u003cTASK\u003e\n[ 59.792488] ? __pfx_ni_create_attr_list+0x10/0x10\n[ 59.797235] ? kernel_text_address+0xd3/0xe0\n[ 59.800856] ? unwind_get_return_address+0x3e/0x60\n[ 59.805101] ? __kasan_check_write+0x18/0x20\n[ 59.809296] ? preempt_count_sub+0x1c/0xd0\n[ 59.813421] ni_ins_attr_ext+0x52c/0x5c0\n[ 59.817034] ? __pfx_ni_ins_attr_ext+0x10/0x10\n[ 59.821926] ? __vfs_setxattr+0x121/0x170\n[ 59.825718] ? __vfs_setxattr_noperm+0x97/0x300\n[ 59.829562] ? __vfs_setxattr_locked+0x145/0x170\n[ 59.833987] ? vfs_setxattr+0x137/0x2a0\n[ 59.836732] ? do_setxattr+0xce/0x150\n[ 59.839807] ? setxattr+0x126/0x140\n[ 59.842353] ? path_setxattr+0x164/0x180\n[ 59.845275] ? __x64_sys_setxattr+0x71/0x90\n[ 59.848838] ? do_syscall_64+0x3f/0x90\n[ 59.851898] ? entry_SYSCALL_64_after_hwframe+0x72/0xdc\n[ 59.857046] ? stack_depot_save+0x17/0x20\n[ 59.860299] ni_insert_attr+0x1ba/0x420\n[ 59.863104] ? __pfx_ni_insert_attr+0x10/0x10\n[ 59.867069] ? preempt_count_sub+0x1c/0xd0\n[ 59.869897] ? _raw_spin_unlock_irqrestore+0x2b/0x50\n[ 59.874088] ? __create_object+0x3ae/0x5d0\n[ 59.877865] ni_insert_resident+0xc4/0x1c0\n[ 59.881430] ? __pfx_ni_insert_resident+0x10/0x10\n[ 59.886355] ? kasan_save_alloc_info+0x1f/0x30\n[ 59.891117] ? __kasan_kmalloc+0x8b/0xa0\n[ 59.894383] ntfs_set_ea+0x90d/0xbf0\n[ 59.897703] ? __pfx_ntfs_set_ea+0x10/0x10\n[ 59.901011] ? kernel_text_address+0xd3/0xe0\n[ 59.905308] ? __kernel_text_address+0x16/0x50\n[ 59.909811] ? unwind_get_return_address+0x3e/0x60\n[ 59.914898] ? __pfx_stack_trace_consume_entry+0x10/0x10\n[ 59.920250] ? arch_stack_walk+0xa2/0x100\n[ 59.924560] ? filter_irq_stacks+0x27/0x80\n[ 59.928722] ntfs_setxattr+0x405/0x440\n[ 59.932512] ? __pfx_ntfs_setxattr+0x10/0x10\n[ 59.936634] ? kvmalloc_node+0x2d/0x120\n[ 59.940378] ? kasan_save_stack+0x41/0x60\n[ 59.943870] ? kasan_save_stack+0x2a/0x60\n[ 59.947719] ? kasan_set_track+0x29/0x40\n[ 59.951417] ? kasan_save_alloc_info+0x1f/0x30\n[ 59.955733] ? __kasan_kmalloc+0x8b/0xa0\n[ 59.959598] ? __kmalloc_node+0x68/0x150\n[ 59.963163] ? kvmalloc_node+0x2d/0x120\n[ 59.966490] ? vmemdup_user+0x2b/0xa0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53328",
"url": "https://www.suse.com/security/cve/CVE-2023-53328"
},
{
"category": "external",
"summary": "SUSE Bug 1249952 for CVE-2023-53328",
"url": "https://bugzilla.suse.com/1249952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53328"
},
{
"cve": "CVE-2023-53331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53331"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/ram: Check start of empty przs during init\n\nAfter commit 30696378f68a (\"pstore/ram: Do not treat empty buffers as\nvalid\"), initialization would assume a prz was valid after seeing that\nthe buffer_size is zero (regardless of the buffer start position). This\nunchecked start value means it could be outside the bounds of the buffer,\nleading to future access panics when written to:\n\n sysdump_panic_event+0x3b4/0x5b8\n atomic_notifier_call_chain+0x54/0x90\n panic+0x1c8/0x42c\n die+0x29c/0x2a8\n die_kernel_fault+0x68/0x78\n __do_kernel_fault+0x1c4/0x1e0\n do_bad_area+0x40/0x100\n do_translation_fault+0x68/0x80\n do_mem_abort+0x68/0xf8\n el1_da+0x1c/0xc0\n __raw_writeb+0x38/0x174\n __memcpy_toio+0x40/0xac\n persistent_ram_update+0x44/0x12c\n persistent_ram_write+0x1a8/0x1b8\n ramoops_pstore_write+0x198/0x1e8\n pstore_console_write+0x94/0xe0\n ...\n\nTo avoid this, also check if the prz start is 0 during the initialization\nphase. If not, the next prz sanity check case will discover it (start \u003e\nsize) and zap the buffer back to a sane state.\n\n[kees: update commit log with backtrace and clarifications]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53331",
"url": "https://www.suse.com/security/cve/CVE-2023-53331"
},
{
"category": "external",
"summary": "SUSE Bug 1249950 for CVE-2023-53331",
"url": "https://bugzilla.suse.com/1249950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53331"
},
{
"cve": "CVE-2023-53333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one\n\nEric Dumazet says:\n nf_conntrack_dccp_packet() has an unique:\n\n dh = skb_header_pointer(skb, dataoff, sizeof(_dh), \u0026_dh);\n\n And nothing more is \u0027pulled\u0027 from the packet, depending on the content.\n dh-\u003edccph_doff, and/or dh-\u003edccph_x ...)\n So dccp_ack_seq() is happily reading stuff past the _dh buffer.\n\nBUG: KASAN: stack-out-of-bounds in nf_conntrack_dccp_packet+0x1134/0x11c0\nRead of size 4 at addr ffff000128f66e0c by task syz-executor.2/29371\n[..]\n\nFix this by increasing the stack buffer to also include room for\nthe extra sequence numbers and all the known dccp packet type headers,\nthen pull again after the initial validation of the basic header.\n\nWhile at it, mark packets invalid that lack 48bit sequence bit but\nwhere RFC says the type MUST use them.\n\nCompile tested only.\n\nv2: first skb_header_pointer() now needs to adjust the size to\n only pull the generic header. (Eric)\n\nHeads-up: I intend to remove dccp conntrack support later this year.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53333",
"url": "https://www.suse.com/security/cve/CVE-2023-53333"
},
{
"category": "external",
"summary": "SUSE Bug 1249949 for CVE-2023-53333",
"url": "https://bugzilla.suse.com/1249949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53333"
},
{
"cve": "CVE-2023-53336",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53336"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings\n\nWhen ipu_bridge_parse_rotation() and ipu_bridge_parse_orientation() run\nsensor-\u003eadev is not set yet.\n\nSo if either of the dev_warn() calls about unknown values are hit this\nwill lead to a NULL pointer deref.\n\nSet sensor-\u003eadev earlier, with a borrowed ref to avoid making unrolling\non errors harder, to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53336",
"url": "https://www.suse.com/security/cve/CVE-2023-53336"
},
{
"category": "external",
"summary": "SUSE Bug 1250073 for CVE-2023-53336",
"url": "https://bugzilla.suse.com/1250073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53336"
},
{
"cve": "CVE-2023-53338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53338"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlwt: Fix return values of BPF xmit ops\n\nBPF encap ops can return different types of positive values, such like\nNET_RX_DROP, NET_XMIT_CN, NETDEV_TX_BUSY, and so on, from function\nskb_do_redirect and bpf_lwt_xmit_reroute. At the xmit hook, such return\nvalues would be treated implicitly as LWTUNNEL_XMIT_CONTINUE in\nip(6)_finish_output2. When this happens, skbs that have been freed would\ncontinue to the neighbor subsystem, causing use-after-free bug and\nkernel crashes.\n\nTo fix the incorrect behavior, skb_do_redirect return values can be\nsimply discarded, the same as tc-egress behavior. On the other hand,\nbpf_lwt_xmit_reroute returns useful errors to local senders, e.g. PMTU\ninformation. Thus convert its return values to avoid the conflict with\nLWTUNNEL_XMIT_CONTINUE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53338",
"url": "https://www.suse.com/security/cve/CVE-2023-53338"
},
{
"category": "external",
"summary": "SUSE Bug 1250074 for CVE-2023-53338",
"url": "https://bugzilla.suse.com/1250074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53338"
},
{
"cve": "CVE-2023-53339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix BUG_ON condition in btrfs_cancel_balance\n\nPausing and canceling balance can race to interrupt balance lead to BUG_ON\npanic in btrfs_cancel_balance. The BUG_ON condition in btrfs_cancel_balance\ndoes not take this race scenario into account.\n\nHowever, the race condition has no other side effects. We can fix that.\n\nReproducing it with panic trace like this:\n\n kernel BUG at fs/btrfs/volumes.c:4618!\n RIP: 0010:btrfs_cancel_balance+0x5cf/0x6a0\n Call Trace:\n \u003cTASK\u003e\n ? do_nanosleep+0x60/0x120\n ? hrtimer_nanosleep+0xb7/0x1a0\n ? sched_core_clone_cookie+0x70/0x70\n btrfs_ioctl_balance_ctl+0x55/0x70\n btrfs_ioctl+0xa46/0xd20\n __x64_sys_ioctl+0x7d/0xa0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n Race scenario as follows:\n \u003e mutex_unlock(\u0026fs_info-\u003ebalance_mutex);\n \u003e --------------------\n \u003e .......issue pause and cancel req in another thread\n \u003e --------------------\n \u003e ret = __btrfs_balance(fs_info);\n \u003e\n \u003e mutex_lock(\u0026fs_info-\u003ebalance_mutex);\n \u003e if (ret == -ECANCELED \u0026\u0026 atomic_read(\u0026fs_info-\u003ebalance_pause_req)) {\n \u003e btrfs_info(fs_info, \"balance: paused\");\n \u003e btrfs_exclop_balance(fs_info, BTRFS_EXCLOP_BALANCE_PAUSED);\n \u003e }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53339",
"url": "https://www.suse.com/security/cve/CVE-2023-53339"
},
{
"category": "external",
"summary": "SUSE Bug 1250329 for CVE-2023-53339",
"url": "https://bugzilla.suse.com/1250329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53339"
},
{
"cve": "CVE-2023-53342",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53342"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix handling IPv4 routes with nhid\n\nFix handling IPv4 routes referencing a nexthop via its id by replacing\ncalls to fib_info_nh() with fib_info_nhc().\n\nTrying to add an IPv4 route referencing a nextop via nhid:\n\n $ ip link set up swp5\n $ ip a a 10.0.0.1/24 dev swp5\n $ ip nexthop add dev swp5 id 20 via 10.0.0.2\n $ ip route add 10.0.1.0/24 nhid 20\n\ntriggers warnings when trying to handle the route:\n\n[ 528.805763] ------------[ cut here ]------------\n[ 528.810437] WARNING: CPU: 3 PID: 53 at include/net/nexthop.h:468 __prestera_fi_is_direct+0x2c/0x68 [prestera]\n[ 528.820434] Modules linked in: prestera_pci act_gact act_police sch_ingress cls_u32 cls_flower prestera arm64_delta_tn48m_dn_led(O) arm64_delta_tn48m_dn_cpld(O) [last unloaded: prestera_pci]\n[ 528.837485] CPU: 3 PID: 53 Comm: kworker/u8:3 Tainted: G O 6.4.5 #1\n[ 528.845178] Hardware name: delta,tn48m-dn (DT)\n[ 528.849641] Workqueue: prestera_ordered __prestera_router_fib_event_work [prestera]\n[ 528.857352] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 528.864347] pc : __prestera_fi_is_direct+0x2c/0x68 [prestera]\n[ 528.870135] lr : prestera_k_arb_fib_evt+0xb20/0xd50 [prestera]\n[ 528.876007] sp : ffff80000b20bc90\n[ 528.879336] x29: ffff80000b20bc90 x28: 0000000000000000 x27: ffff0001374d3a48\n[ 528.886510] x26: ffff000105604000 x25: ffff000134af8a28 x24: ffff0001374d3800\n[ 528.893683] x23: ffff000101c89148 x22: ffff000101c89000 x21: ffff000101c89200\n[ 528.900855] x20: ffff00013641fda0 x19: ffff800009d01088 x18: 0000000000000059\n[ 528.908027] x17: 0000000000000277 x16: 0000000000000000 x15: 0000000000000000\n[ 528.915198] x14: 0000000000000003 x13: 00000000000fe400 x12: 0000000000000000\n[ 528.922371] x11: 0000000000000002 x10: 0000000000000aa0 x9 : ffff8000013d2020\n[ 528.929543] x8 : 0000000000000018 x7 : 000000007b1703f8 x6 : 000000001ca72f86\n[ 528.936715] x5 : 0000000033399ea7 x4 : 0000000000000000 x3 : ffff0001374d3acc\n[ 528.943886] x2 : 0000000000000000 x1 : ffff00010200de00 x0 : ffff000134ae3f80\n[ 528.951058] Call trace:\n[ 528.953516] __prestera_fi_is_direct+0x2c/0x68 [prestera]\n[ 528.958952] __prestera_router_fib_event_work+0x100/0x158 [prestera]\n[ 528.965348] process_one_work+0x208/0x488\n[ 528.969387] worker_thread+0x4c/0x430\n[ 528.973068] kthread+0x120/0x138\n[ 528.976313] ret_from_fork+0x10/0x20\n[ 528.979909] ---[ end trace 0000000000000000 ]---\n[ 528.984998] ------------[ cut here ]------------\n[ 528.989645] WARNING: CPU: 3 PID: 53 at include/net/nexthop.h:468 __prestera_fi_is_direct+0x2c/0x68 [prestera]\n[ 528.999628] Modules linked in: prestera_pci act_gact act_police sch_ingress cls_u32 cls_flower prestera arm64_delta_tn48m_dn_led(O) arm64_delta_tn48m_dn_cpld(O) [last unloaded: prestera_pci]\n[ 529.016676] CPU: 3 PID: 53 Comm: kworker/u8:3 Tainted: G W O 6.4.5 #1\n[ 529.024368] Hardware name: delta,tn48m-dn (DT)\n[ 529.028830] Workqueue: prestera_ordered __prestera_router_fib_event_work [prestera]\n[ 529.036539] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 529.043533] pc : __prestera_fi_is_direct+0x2c/0x68 [prestera]\n[ 529.049318] lr : __prestera_k_arb_fc_apply+0x280/0x2f8 [prestera]\n[ 529.055452] sp : ffff80000b20bc60\n[ 529.058781] x29: ffff80000b20bc60 x28: 0000000000000000 x27: ffff0001374d3a48\n[ 529.065953] x26: ffff000105604000 x25: ffff000134af8a28 x24: ffff0001374d3800\n[ 529.073126] x23: ffff000101c89148 x22: ffff000101c89148 x21: ffff00013641fda0\n[ 529.080299] x20: ffff000101c89000 x19: ffff000101c89020 x18: 0000000000000059\n[ 529.087471] x17: 0000000000000277 x16: 0000000000000000 x15: 0000000000000000\n[ 529.094642] x14: 0000000000000003 x13: 00000000000fe400 x12: 0000000000000000\n[ 529.101814] x11: 0000000000000002 x10: 0000000000000aa0 x9 : ffff8000013cee80\n[ 529.108985] x8 : 0000000000000018 x7 : 000000007b1703f8 x6 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53342",
"url": "https://www.suse.com/security/cve/CVE-2023-53342"
},
{
"category": "external",
"summary": "SUSE Bug 1250029 for CVE-2023-53342",
"url": "https://bugzilla.suse.com/1250029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53342"
},
{
"cve": "CVE-2023-53343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53343"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp6: Fix null-ptr-deref of ip6_null_entry-\u003ert6i_idev in icmp6_dev().\n\nWith some IPv6 Ext Hdr (RPL, SRv6, etc.), we can send a packet that\nhas the link-local address as src and dst IP and will be forwarded to\nan external IP in the IPv6 Ext Hdr.\n\nFor example, the script below generates a packet whose src IP is the\nlink-local address and dst is updated to 11::.\n\n # for f in $(find /proc/sys/net/ -name *seg6_enabled*); do echo 1 \u003e $f; done\n # python3\n \u003e\u003e\u003e from socket import *\n \u003e\u003e\u003e from scapy.all import *\n \u003e\u003e\u003e\n \u003e\u003e\u003e SRC_ADDR = DST_ADDR = \"fe80::5054:ff:fe12:3456\"\n \u003e\u003e\u003e\n \u003e\u003e\u003e pkt = IPv6(src=SRC_ADDR, dst=DST_ADDR)\n \u003e\u003e\u003e pkt /= IPv6ExtHdrSegmentRouting(type=4, addresses=[\"11::\", \"22::\"], segleft=1)\n \u003e\u003e\u003e\n \u003e\u003e\u003e sk = socket(AF_INET6, SOCK_RAW, IPPROTO_RAW)\n \u003e\u003e\u003e sk.sendto(bytes(pkt), (DST_ADDR, 0))\n\nFor such a packet, we call ip6_route_input() to look up a route for the\nnext destination in these three functions depending on the header type.\n\n * ipv6_rthdr_rcv()\n * ipv6_rpl_srh_rcv()\n * ipv6_srh_rcv()\n\nIf no route is found, ip6_null_entry is set to skb, and the following\ndst_input(skb) calls ip6_pkt_drop().\n\nFinally, in icmp6_dev(), we dereference skb_rt6_info(skb)-\u003ert6i_idev-\u003edev\nas the input device is the loopback interface. Then, we have to check if\nskb_rt6_info(skb)-\u003ert6i_idev is NULL or not to avoid NULL pointer deref\nfor ip6_null_entry.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 0 PID: 157 Comm: python3 Not tainted 6.4.0-11996-gb121d614371c #35\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:icmp6_send (net/ipv6/icmp.c:436 net/ipv6/icmp.c:503)\nCode: fe ff ff 48 c7 40 30 c0 86 5d 83 e8 c6 44 1c 00 e9 c8 fc ff ff 49 8b 46 58 48 83 e0 fe 0f 84 4a fb ff ff 48 8b 80 d0 00 00 00 \u003c48\u003e 8b 00 44 8b 88 e0 00 00 00 e9 34 fb ff ff 4d 85 ed 0f 85 69 01\nRSP: 0018:ffffc90000003c70 EFLAGS: 00000286\nRAX: 0000000000000000 RBX: 0000000000000001 RCX: 00000000000000e0\nRDX: 0000000000000021 RSI: 0000000000000000 RDI: ffff888006d72a18\nRBP: ffffc90000003d80 R08: 0000000000000000 R09: 0000000000000001\nR10: ffffc90000003d98 R11: 0000000000000040 R12: ffff888006d72a10\nR13: 0000000000000000 R14: ffff8880057fb800 R15: ffffffff835d86c0\nFS: 00007f9dc72ee740(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 00000000057b2000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ip6_pkt_drop (net/ipv6/route.c:4513)\n ipv6_rthdr_rcv (net/ipv6/exthdrs.c:640 net/ipv6/exthdrs.c:686)\n ip6_protocol_deliver_rcu (net/ipv6/ip6_input.c:437 (discriminator 5))\n ip6_input_finish (./include/linux/rcupdate.h:781 net/ipv6/ip6_input.c:483)\n __netif_receive_skb_one_core (net/core/dev.c:5455)\n process_backlog (./include/linux/rcupdate.h:781 net/core/dev.c:5895)\n __napi_poll (net/core/dev.c:6460)\n net_rx_action (net/core/dev.c:6529 net/core/dev.c:6660)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/irq.h:142 kernel/softirq.c:554)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4231)\n ip6_finish_output2 (./include/net/neighbour.h:544 net/ipv6/ip6_output.c:135)\n rawv6_sendmsg (./include/net/dst.h:458 ./include/linux/netfilter.h:303 net/ipv6/raw.c:656 net/ipv6/raw.c:914)\n sock_sendmsg (net/socket.c:725 net/socket.c:748)\n __sys_sendto (net/socket.c:2134)\n __x64_sys_sendto (net/socket.c:2146 net/socket.c:2142 net/socket.c:2142)\n do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)\nRIP: 0033:0x7f9dc751baea\nCode: d8 64 89 02 48 c7 c0 ff f\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53343",
"url": "https://www.suse.com/security/cve/CVE-2023-53343"
},
{
"category": "external",
"summary": "SUSE Bug 1250022 for CVE-2023-53343",
"url": "https://bugzilla.suse.com/1250022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53343"
},
{
"cve": "CVE-2023-53350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53350"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix slicing memory leak\n\nThe temporary buffer storing slicing configuration data from user is only\nfreed on error. This is a memory leak. Free the buffer unconditionally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53350",
"url": "https://www.suse.com/security/cve/CVE-2023-53350"
},
{
"category": "external",
"summary": "SUSE Bug 1250012 for CVE-2023-53350",
"url": "https://bugzilla.suse.com/1250012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53350"
},
{
"cve": "CVE-2023-53352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53352"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: check null pointer before accessing when swapping\n\nAdd a check to avoid null pointer dereference as below:\n\n[ 90.002283] general protection fault, probably for non-canonical\naddress 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\n[ 90.002292] KASAN: null-ptr-deref in range\n[0x0000000000000000-0x0000000000000007]\n[ 90.002346] ? exc_general_protection+0x159/0x240\n[ 90.002352] ? asm_exc_general_protection+0x26/0x30\n[ 90.002357] ? ttm_bo_evict_swapout_allowable+0x322/0x5e0 [ttm]\n[ 90.002365] ? ttm_bo_evict_swapout_allowable+0x42e/0x5e0 [ttm]\n[ 90.002373] ttm_bo_swapout+0x134/0x7f0 [ttm]\n[ 90.002383] ? __pfx_ttm_bo_swapout+0x10/0x10 [ttm]\n[ 90.002391] ? lock_acquire+0x44d/0x4f0\n[ 90.002398] ? ttm_device_swapout+0xa5/0x260 [ttm]\n[ 90.002412] ? lock_acquired+0x355/0xa00\n[ 90.002416] ? do_raw_spin_trylock+0xb6/0x190\n[ 90.002421] ? __pfx_lock_acquired+0x10/0x10\n[ 90.002426] ? ttm_global_swapout+0x25/0x210 [ttm]\n[ 90.002442] ttm_device_swapout+0x198/0x260 [ttm]\n[ 90.002456] ? __pfx_ttm_device_swapout+0x10/0x10 [ttm]\n[ 90.002472] ttm_global_swapout+0x75/0x210 [ttm]\n[ 90.002486] ttm_tt_populate+0x187/0x3f0 [ttm]\n[ 90.002501] ttm_bo_handle_move_mem+0x437/0x590 [ttm]\n[ 90.002517] ttm_bo_validate+0x275/0x430 [ttm]\n[ 90.002530] ? __pfx_ttm_bo_validate+0x10/0x10 [ttm]\n[ 90.002544] ? kasan_save_stack+0x33/0x60\n[ 90.002550] ? kasan_set_track+0x25/0x30\n[ 90.002554] ? __kasan_kmalloc+0x8f/0xa0\n[ 90.002558] ? amdgpu_gtt_mgr_new+0x81/0x420 [amdgpu]\n[ 90.003023] ? ttm_resource_alloc+0xf6/0x220 [ttm]\n[ 90.003038] amdgpu_bo_pin_restricted+0x2dd/0x8b0 [amdgpu]\n[ 90.003210] ? __x64_sys_ioctl+0x131/0x1a0\n[ 90.003210] ? do_syscall_64+0x60/0x90",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53352",
"url": "https://www.suse.com/security/cve/CVE-2023-53352"
},
{
"category": "external",
"summary": "SUSE Bug 1250006 for CVE-2023-53352",
"url": "https://bugzilla.suse.com/1250006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53352"
},
{
"cve": "CVE-2023-53354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nskbuff: skb_segment, Call zero copy functions before using skbuff frags\n\nCommit bf5c25d60861 (\"skbuff: in skb_segment, call zerocopy functions\nonce per nskb\") added the call to zero copy functions in skb_segment().\nThe change introduced a bug in skb_segment() because skb_orphan_frags()\nmay possibly change the number of fragments or allocate new fragments\naltogether leaving nrfrags and frag to point to the old values. This can\ncause a panic with stacktrace like the one below.\n\n[ 193.894380] BUG: kernel NULL pointer dereference, address: 00000000000000bc\n[ 193.895273] CPU: 13 PID: 18164 Comm: vh-net-17428 Kdump: loaded Tainted: G O 5.15.123+ #26\n[ 193.903919] RIP: 0010:skb_segment+0xb0e/0x12f0\n[ 194.021892] Call Trace:\n[ 194.027422] \u003cTASK\u003e\n[ 194.072861] tcp_gso_segment+0x107/0x540\n[ 194.082031] inet_gso_segment+0x15c/0x3d0\n[ 194.090783] skb_mac_gso_segment+0x9f/0x110\n[ 194.095016] __skb_gso_segment+0xc1/0x190\n[ 194.103131] netem_enqueue+0x290/0xb10 [sch_netem]\n[ 194.107071] dev_qdisc_enqueue+0x16/0x70\n[ 194.110884] __dev_queue_xmit+0x63b/0xb30\n[ 194.121670] bond_start_xmit+0x159/0x380 [bonding]\n[ 194.128506] dev_hard_start_xmit+0xc3/0x1e0\n[ 194.131787] __dev_queue_xmit+0x8a0/0xb30\n[ 194.138225] macvlan_start_xmit+0x4f/0x100 [macvlan]\n[ 194.141477] dev_hard_start_xmit+0xc3/0x1e0\n[ 194.144622] sch_direct_xmit+0xe3/0x280\n[ 194.147748] __dev_queue_xmit+0x54a/0xb30\n[ 194.154131] tap_get_user+0x2a8/0x9c0 [tap]\n[ 194.157358] tap_sendmsg+0x52/0x8e0 [tap]\n[ 194.167049] handle_tx_zerocopy+0x14e/0x4c0 [vhost_net]\n[ 194.173631] handle_tx+0xcd/0xe0 [vhost_net]\n[ 194.176959] vhost_worker+0x76/0xb0 [vhost]\n[ 194.183667] kthread+0x118/0x140\n[ 194.190358] ret_from_fork+0x1f/0x30\n[ 194.193670] \u003c/TASK\u003e\n\nIn this case calling skb_orphan_frags() updated nr_frags leaving nrfrags\nlocal variable in skb_segment() stale. This resulted in the code hitting\ni \u003e= nrfrags prematurely and trying to move to next frag_skb using\nlist_skb pointer, which was NULL, and caused kernel panic. Move the call\nto zero copy functions before using frags and nr_frags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53354",
"url": "https://www.suse.com/security/cve/CVE-2023-53354"
},
{
"category": "external",
"summary": "SUSE Bug 1250004 for CVE-2023-53354",
"url": "https://bugzilla.suse.com/1250004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53354"
},
{
"cve": "CVE-2023-53356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53356"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_serial: Add null pointer check in gserial_suspend\n\nConsider a case where gserial_disconnect has already cleared\ngser-\u003eioport. And if gserial_suspend gets called afterwards,\nit will lead to accessing of gser-\u003eioport and thus causing\nnull pointer dereference.\n\nAvoid this by adding a null pointer check. Added a static\nspinlock to prevent gser-\u003eioport from becoming null after\nthe newly added null pointer check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53356",
"url": "https://www.suse.com/security/cve/CVE-2023-53356"
},
{
"category": "external",
"summary": "SUSE Bug 1249997 for CVE-2023-53356",
"url": "https://bugzilla.suse.com/1249997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53356"
},
{
"cve": "CVE-2023-53357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53357"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: check slab-out-of-bounds in md_bitmap_get_counter\n\nIf we write a large number to md/bitmap_set_bits, md_bitmap_checkpage()\nwill return -EINVAL because \u0027page \u003e= bitmap-\u003epages\u0027, but the return value\nwas not checked immediately in md_bitmap_get_counter() in order to set\n*blocks value and slab-out-of-bounds occurs.\n\nMove check of \u0027page \u003e= bitmap-\u003epages\u0027 to md_bitmap_get_counter() and\nreturn directly if true.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53357",
"url": "https://www.suse.com/security/cve/CVE-2023-53357"
},
{
"category": "external",
"summary": "SUSE Bug 1249994 for CVE-2023-53357",
"url": "https://bugzilla.suse.com/1249994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53357"
},
{
"cve": "CVE-2023-53360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.2: Rework scratch handling for READ_PLUS (again)\n\nI found that the read code might send multiple requests using the same\nnfs_pgio_header, but nfs4_proc_read_setup() is only called once. This is\nhow we ended up occasionally double-freeing the scratch buffer, but also\nmeans we set a NULL pointer but non-zero length to the xdr scratch\nbuffer. This results in an oops the first time decoding needs to copy\nsomething to scratch, which frequently happens when decoding READ_PLUS\nhole segments.\n\nI fix this by moving scratch handling into the pageio read code. I\nprovide a function to allocate scratch space for decoding read replies,\nand free the scratch buffer when the nfs_pgio_header is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53360",
"url": "https://www.suse.com/security/cve/CVE-2023-53360"
},
{
"category": "external",
"summary": "SUSE Bug 1249990 for CVE-2023-53360",
"url": "https://bugzilla.suse.com/1249990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53360"
},
{
"cve": "CVE-2023-53362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: fsl-mc: don\u0027t assume child devices are all fsl-mc devices\n\nChanges in VFIO caused a pseudo-device to be created as child of\nfsl-mc devices causing a crash [1] when trying to bind a fsl-mc\ndevice to VFIO. Fix this by checking the device type when enumerating\nfsl-mc child devices.\n\n[1]\nModules linked in:\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nCPU: 6 PID: 1289 Comm: sh Not tainted 6.2.0-rc5-00047-g7c46948a6e9c #2\nHardware name: NXP Layerscape LX2160ARDB (DT)\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : mc_send_command+0x24/0x1f0\nlr : dprc_get_obj_region+0xfc/0x1c0\nsp : ffff80000a88b900\nx29: ffff80000a88b900 x28: ffff48a9429e1400 x27: 00000000000002b2\nx26: ffff48a9429e1718 x25: 0000000000000000 x24: 0000000000000000\nx23: ffffd59331ba3918 x22: ffffd59331ba3000 x21: 0000000000000000\nx20: ffff80000a88b9b8 x19: 0000000000000000 x18: 0000000000000001\nx17: 7270642f636d2d6c x16: 73662e3030303030 x15: ffffffffffffffff\nx14: ffffd59330f1d668 x13: ffff48a8727dc389 x12: ffff48a8727dc386\nx11: 0000000000000002 x10: 00008ceaf02f35d4 x9 : 0000000000000012\nx8 : 0000000000000000 x7 : 0000000000000006 x6 : ffff80000a88bab0\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80000a88b9e8\nx2 : ffff80000a88b9e8 x1 : 0000000000000000 x0 : ffff48a945142b80\nCall trace:\n mc_send_command+0x24/0x1f0\n dprc_get_obj_region+0xfc/0x1c0\n fsl_mc_device_add+0x340/0x590\n fsl_mc_obj_device_add+0xd0/0xf8\n dprc_scan_objects+0x1c4/0x340\n dprc_scan_container+0x38/0x60\n vfio_fsl_mc_probe+0x9c/0xf8\n fsl_mc_driver_probe+0x24/0x70\n really_probe+0xbc/0x2a8\n __driver_probe_device+0x78/0xe0\n device_driver_attach+0x30/0x68\n bind_store+0xa8/0x130\n drv_attr_store+0x24/0x38\n sysfs_kf_write+0x44/0x60\n kernfs_fop_write_iter+0x128/0x1b8\n vfs_write+0x334/0x448\n ksys_write+0x68/0xf0\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x44/0x108\n el0_svc_common.constprop.1+0x94/0xf8\n do_el0_svc+0x38/0xb0\n el0_svc+0x20/0x50\n el0t_64_sync_handler+0x98/0xc0\n el0t_64_sync+0x174/0x178\nCode: aa0103f4 a9025bf5 d5384100 b9400801 (79401260)\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53362",
"url": "https://www.suse.com/security/cve/CVE-2023-53362"
},
{
"category": "external",
"summary": "SUSE Bug 1249993 for CVE-2023-53362",
"url": "https://bugzilla.suse.com/1249993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53362"
},
{
"cve": "CVE-2023-53364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53364"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: da9063: better fix null deref with partial DT\n\nTwo versions of the original patch were sent but V1 was merged instead\nof V2 due to a mistake.\n\nSo update to V2.\n\nThe advantage of V2 is that it completely avoids dereferencing the pointer,\neven just to take the address, which may fix problems with some compilers.\nBoth versions work on my gcc 9.4 but use the safer one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53364",
"url": "https://www.suse.com/security/cve/CVE-2023-53364"
},
{
"category": "external",
"summary": "SUSE Bug 1249984 for CVE-2023-53364",
"url": "https://bugzilla.suse.com/1249984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53364"
},
{
"cve": "CVE-2023-53365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53365"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6mr: Fix skb_under_panic in ip6mr_cache_report()\n\nskbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4\n head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:192!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: ipv6_addrconf addrconf_dad_work\n RIP: 0010:skb_panic+0x152/0x1d0\n Call Trace:\n \u003cTASK\u003e\n skb_push+0xc4/0xe0\n ip6mr_cache_report+0xd69/0x19b0\n reg_vif_xmit+0x406/0x690\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n vlan_dev_hard_start_xmit+0x3ab/0x5c0\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n neigh_connected_output+0x3ed/0x570\n ip6_finish_output2+0x5b5/0x1950\n ip6_finish_output+0x693/0x11c0\n ip6_output+0x24b/0x880\n NF_HOOK.constprop.0+0xfd/0x530\n ndisc_send_skb+0x9db/0x1400\n ndisc_send_rs+0x12a/0x6c0\n addrconf_dad_completed+0x3c9/0xea0\n addrconf_dad_work+0x849/0x1420\n process_one_work+0xa22/0x16e0\n worker_thread+0x679/0x10c0\n ret_from_fork+0x28/0x60\n ret_from_fork_asm+0x11/0x20\n\nWhen setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit().\nreg_vif_xmit()\n ip6mr_cache_report()\n skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4\nAnd skb_push declared as:\n\tvoid *skb_push(struct sk_buff *skb, unsigned int len);\n\t\tskb-\u003edata -= len;\n\t\t//0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850\nskb-\u003edata is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53365",
"url": "https://www.suse.com/security/cve/CVE-2023-53365"
},
{
"category": "external",
"summary": "SUSE Bug 1249988 for CVE-2023-53365",
"url": "https://bugzilla.suse.com/1249988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53365"
},
{
"cve": "CVE-2023-53367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53367"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/habanalabs: fix mem leak in capture user mappings\n\nThis commit fixes a memory leak caused when clearing the user_mappings\ninfo when a new context is opened immediately after user_mapping is\ncaptured and a hard reset is performed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53367",
"url": "https://www.suse.com/security/cve/CVE-2023-53367"
},
{
"category": "external",
"summary": "SUSE Bug 1250243 for CVE-2023-53367",
"url": "https://bugzilla.suse.com/1250243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53367"
},
{
"cve": "CVE-2023-53368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53368"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix race issue between cpu buffer write and swap\n\nWarning happened in rb_end_commit() at code:\n\tif (RB_WARN_ON(cpu_buffer, !local_read(\u0026cpu_buffer-\u003ecommitting)))\n\n WARNING: CPU: 0 PID: 139 at kernel/trace/ring_buffer.c:3142\n\trb_commit+0x402/0x4a0\n Call Trace:\n ring_buffer_unlock_commit+0x42/0x250\n trace_buffer_unlock_commit_regs+0x3b/0x250\n trace_event_buffer_commit+0xe5/0x440\n trace_event_buffer_reserve+0x11c/0x150\n trace_event_raw_event_sched_switch+0x23c/0x2c0\n __traceiter_sched_switch+0x59/0x80\n __schedule+0x72b/0x1580\n schedule+0x92/0x120\n worker_thread+0xa0/0x6f0\n\nIt is because the race between writing event into cpu buffer and swapping\ncpu buffer through file per_cpu/cpu0/snapshot:\n\n Write on CPU 0 Swap buffer by per_cpu/cpu0/snapshot on CPU 1\n -------- --------\n tracing_snapshot_write()\n [...]\n\n ring_buffer_lock_reserve()\n cpu_buffer = buffer-\u003ebuffers[cpu]; // 1. Suppose find \u0027cpu_buffer_a\u0027;\n [...]\n rb_reserve_next_event()\n [...]\n\n ring_buffer_swap_cpu()\n if (local_read(\u0026cpu_buffer_a-\u003ecommitting))\n goto out_dec;\n if (local_read(\u0026cpu_buffer_b-\u003ecommitting))\n goto out_dec;\n buffer_a-\u003ebuffers[cpu] = cpu_buffer_b;\n buffer_b-\u003ebuffers[cpu] = cpu_buffer_a;\n // 2. cpu_buffer has swapped here.\n\n rb_start_commit(cpu_buffer);\n if (unlikely(READ_ONCE(cpu_buffer-\u003ebuffer)\n != buffer)) { // 3. This check passed due to \u0027cpu_buffer-\u003ebuffer\u0027\n [...] // has not changed here.\n return NULL;\n }\n cpu_buffer_b-\u003ebuffer = buffer_a;\n cpu_buffer_a-\u003ebuffer = buffer_b;\n [...]\n\n // 4. Reserve event from \u0027cpu_buffer_a\u0027.\n\n ring_buffer_unlock_commit()\n [...]\n cpu_buffer = buffer-\u003ebuffers[cpu]; // 5. Now find \u0027cpu_buffer_b\u0027 !!!\n rb_commit(cpu_buffer)\n rb_end_commit() // 6. WARN for the wrong \u0027committing\u0027 state !!!\n\nBased on above analysis, we can easily reproduce by following testcase:\n ``` bash\n #!/bin/bash\n\n dmesg -n 7\n sysctl -w kernel.panic_on_warn=1\n TR=/sys/kernel/tracing\n echo 7 \u003e ${TR}/buffer_size_kb\n echo \"sched:sched_switch\" \u003e ${TR}/set_event\n while [ true ]; do\n echo 1 \u003e ${TR}/per_cpu/cpu0/snapshot\n done \u0026\n while [ true ]; do\n echo 1 \u003e ${TR}/per_cpu/cpu0/snapshot\n done \u0026\n while [ true ]; do\n echo 1 \u003e ${TR}/per_cpu/cpu0/snapshot\n done \u0026\n ```\n\nTo fix it, IIUC, we can use smp_call_function_single() to do the swap on\nthe target cpu where the buffer is located, so that above race would be\navoided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53368",
"url": "https://www.suse.com/security/cve/CVE-2023-53368"
},
{
"category": "external",
"summary": "SUSE Bug 1249979 for CVE-2023-53368",
"url": "https://bugzilla.suse.com/1249979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53368"
},
{
"cve": "CVE-2023-53369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53369"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dcb: choose correct policy to parse DCB_ATTR_BCN\n\nThe dcbnl_bcn_setcfg uses erroneous policy to parse tb[DCB_ATTR_BCN],\nwhich is introduced in commit 859ee3c43812 (\"DCB: Add support for DCB\nBCN\"). Please see the comment in below code\n\nstatic int dcbnl_bcn_setcfg(...)\n{\n ...\n ret = nla_parse_nested_deprecated(..., dcbnl_pfc_up_nest, .. )\n // !!! dcbnl_pfc_up_nest for attributes\n // DCB_PFC_UP_ATTR_0 to DCB_PFC_UP_ATTR_ALL in enum dcbnl_pfc_up_attrs\n ...\n for (i = DCB_BCN_ATTR_RP_0; i \u003c= DCB_BCN_ATTR_RP_7; i++) {\n // !!! DCB_BCN_ATTR_RP_0 to DCB_BCN_ATTR_RP_7 in enum dcbnl_bcn_attrs\n ...\n value_byte = nla_get_u8(data[i]);\n ...\n }\n ...\n for (i = DCB_BCN_ATTR_BCNA_0; i \u003c= DCB_BCN_ATTR_RI; i++) {\n // !!! DCB_BCN_ATTR_BCNA_0 to DCB_BCN_ATTR_RI in enum dcbnl_bcn_attrs\n ...\n value_int = nla_get_u32(data[i]);\n ...\n }\n ...\n}\n\nThat is, the nla_parse_nested_deprecated uses dcbnl_pfc_up_nest\nattributes to parse nlattr defined in dcbnl_pfc_up_attrs. But the\nfollowing access code fetch each nlattr as dcbnl_bcn_attrs attributes.\nBy looking up the associated nla_policy for dcbnl_bcn_attrs. We can find\nthe beginning part of these two policies are \"same\".\n\nstatic const struct nla_policy dcbnl_pfc_up_nest[...] = {\n [DCB_PFC_UP_ATTR_0] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_1] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_2] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_3] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_4] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_5] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_6] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_7] = {.type = NLA_U8},\n [DCB_PFC_UP_ATTR_ALL] = {.type = NLA_FLAG},\n};\n\nstatic const struct nla_policy dcbnl_bcn_nest[...] = {\n [DCB_BCN_ATTR_RP_0] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_1] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_2] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_3] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_4] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_5] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_6] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_7] = {.type = NLA_U8},\n [DCB_BCN_ATTR_RP_ALL] = {.type = NLA_FLAG},\n // from here is somewhat different\n [DCB_BCN_ATTR_BCNA_0] = {.type = NLA_U32},\n ...\n [DCB_BCN_ATTR_ALL] = {.type = NLA_FLAG},\n};\n\nTherefore, the current code is buggy and this\nnla_parse_nested_deprecated could overflow the dcbnl_pfc_up_nest and use\nthe adjacent nla_policy to parse attributes from DCB_BCN_ATTR_BCNA_0.\n\nHence use the correct policy dcbnl_bcn_nest to parse the nested\ntb[DCB_ATTR_BCN] TLV.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53369",
"url": "https://www.suse.com/security/cve/CVE-2023-53369"
},
{
"category": "external",
"summary": "SUSE Bug 1250206 for CVE-2023-53369",
"url": "https://bugzilla.suse.com/1250206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53369"
},
{
"cve": "CVE-2023-53370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53370"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix memory leak in mes self test\n\nThe fences associated with mes queue have to be freed\nup during amdgpu_ring_fini.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53370",
"url": "https://www.suse.com/security/cve/CVE-2023-53370"
},
{
"category": "external",
"summary": "SUSE Bug 1250208 for CVE-2023-53370",
"url": "https://bugzilla.suse.com/1250208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53370"
},
{
"cve": "CVE-2023-53371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53371"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create\n\nThe memory pointed to by the fs-\u003eany pointer is not freed in the error\npath of mlx5e_fs_tt_redirect_any_create, which can lead to a memory leak.\nFix by freeing the memory in the error path, thereby making the error path\nidentical to mlx5e_fs_tt_redirect_any_destroy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53371",
"url": "https://www.suse.com/security/cve/CVE-2023-53371"
},
{
"category": "external",
"summary": "SUSE Bug 1250112 for CVE-2023-53371",
"url": "https://bugzilla.suse.com/1250112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53371"
},
{
"cve": "CVE-2023-53374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53374"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early\n\nNot calling hci_(dis)connect_cfm before deleting conn referred to by a\nsocket generally results to use-after-free.\n\nWhen cleaning up SCO connections when the parent ACL is deleted too\nearly, use hci_conn_failed to do the connection cleanup properly.\n\nWe also need to clean up ISO connections in a similar situation when\nconnecting has started but LE Create CIS is not yet sent, so do it too\nhere.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53374",
"url": "https://www.suse.com/security/cve/CVE-2023-53374"
},
{
"category": "external",
"summary": "SUSE Bug 1250196 for CVE-2023-53374",
"url": "https://bugzilla.suse.com/1250196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53374"
},
{
"cve": "CVE-2023-53377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53377"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent use-after-free by freeing the cfile later\n\nIn smb2_compound_op we have a possible use-after-free\nwhich can cause hard to debug problems later on.\n\nThis was revealed during stress testing with KASAN enabled\nkernel. Fixing it by moving the cfile free call to\na few lines below, after the usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53377",
"url": "https://www.suse.com/security/cve/CVE-2023-53377"
},
{
"category": "external",
"summary": "SUSE Bug 1250161 for CVE-2023-53377",
"url": "https://bugzilla.suse.com/1250161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53377"
},
{
"cve": "CVE-2023-53379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()\n\nSmatch reports:\ndrivers/usb/phy/phy-tahvo.c: tahvo_usb_probe()\nwarn: missing unwind goto?\n\nAfter geting irq, if ret \u003c 0, it will return without error handling to\nfree memory.\nJust add error handling to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53379",
"url": "https://www.suse.com/security/cve/CVE-2023-53379"
},
{
"category": "external",
"summary": "SUSE Bug 1250128 for CVE-2023-53379",
"url": "https://bugzilla.suse.com/1250128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53379"
},
{
"cve": "CVE-2023-53380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53380"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix null-ptr-deref of mreplace in raid10_sync_request\n\nThere are two check of \u0027mreplace\u0027 in raid10_sync_request(). In the first\ncheck, \u0027need_replace\u0027 will be set and \u0027mreplace\u0027 will be used later if\nno-Faulty \u0027mreplace\u0027 exists, In the second check, \u0027mreplace\u0027 will be\nset to NULL if it is Faulty, but \u0027need_replace\u0027 will not be changed\naccordingly. null-ptr-deref occurs if Faulty is set between two check.\n\nFix it by merging two checks into one. And replace \u0027need_replace\u0027 with\n\u0027mreplace\u0027 because their values are always the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53380",
"url": "https://www.suse.com/security/cve/CVE-2023-53380"
},
{
"category": "external",
"summary": "SUSE Bug 1250198 for CVE-2023-53380",
"url": "https://bugzilla.suse.com/1250198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53380"
},
{
"cve": "CVE-2023-53384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53384"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: avoid possible NULL skb pointer dereference\n\nIn \u0027mwifiex_handle_uap_rx_forward()\u0027, always check the value\nreturned by \u0027skb_copy()\u0027 to avoid potential NULL pointer\ndereference in \u0027mwifiex_uap_queue_bridged_pkt()\u0027, and drop\noriginal skb in case of copying failure.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53384",
"url": "https://www.suse.com/security/cve/CVE-2023-53384"
},
{
"category": "external",
"summary": "SUSE Bug 1250127 for CVE-2023-53384",
"url": "https://bugzilla.suse.com/1250127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53384"
},
{
"cve": "CVE-2023-53385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53385"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mdp3: Fix resource leaks in of_find_device_by_node\n\nUse put_device to release the object get through of_find_device_by_node,\navoiding resource leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53385",
"url": "https://www.suse.com/security/cve/CVE-2023-53385"
},
{
"category": "external",
"summary": "SUSE Bug 1250319 for CVE-2023-53385",
"url": "https://bugzilla.suse.com/1250319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53385"
},
{
"cve": "CVE-2023-53386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53386"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix potential use-after-free when clear keys\n\nSimilar to commit c5d2b6fa26b5 (\"Bluetooth: Fix use-after-free in\nhci_remove_ltk/hci_remove_irk\"). We can not access k after kfree_rcu()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53386",
"url": "https://www.suse.com/security/cve/CVE-2023-53386"
},
{
"category": "external",
"summary": "SUSE Bug 1250106 for CVE-2023-53386",
"url": "https://bugzilla.suse.com/1250106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53386"
},
{
"cve": "CVE-2023-53391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nshmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs\n\nAs the ramfs-based tmpfs uses ramfs_init_fs_context() for the\ninit_fs_context method, which allocates fc-\u003es_fs_info, use ramfs_kill_sb()\nto free it and avoid a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53391",
"url": "https://www.suse.com/security/cve/CVE-2023-53391"
},
{
"category": "external",
"summary": "SUSE Bug 1250117 for CVE-2023-53391",
"url": "https://bugzilla.suse.com/1250117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53391"
},
{
"cve": "CVE-2023-53394",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53394"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: xsk: Fix crash on regular rq reactivation\n\nWhen the regular rq is reactivated after the XSK socket is closed\nit could be reading stale cqes which eventually corrupts the rq.\nThis leads to no more traffic being received on the regular rq and a\ncrash on the next close or deactivation of the rq.\n\nKal Cuttler Conely reported this issue as a crash on the release\npath when the xdpsock sample program is stopped (killed) and restarted\nin sequence while traffic is running.\n\nThis patch flushes all cqes when during the rq flush. The cqe flushing\nis done in the reset state of the rq. mlx5e_rq_to_ready code is moved\ninto the flush function to allow for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53394",
"url": "https://www.suse.com/security/cve/CVE-2023-53394"
},
{
"category": "external",
"summary": "SUSE Bug 1250199 for CVE-2023-53394",
"url": "https://bugzilla.suse.com/1250199"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53394"
},
{
"cve": "CVE-2023-53395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53395"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer\n\nACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5\n\nAccording to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of no argument, AML_NO_OPERAND_RESOLVE flag is added to ASL Timer instruction opcode.\n\nWhen ASL timer instruction interpreted by ACPI interpreter, getting error. After adding AML_NO_OPERAND_RESOLVE flag to ASL Timer instruction opcode, issue is not observed.\n\n=============================================================\nUBSAN: array-index-out-of-bounds in acpica/dswexec.c:401:12 index -1 is out of range for type \u0027union acpi_operand_object *[9]\u0027\nCPU: 37 PID: 1678 Comm: cat Not tainted\n6.0.0-dev-th500-6.0.y-1+bcf8c46459e407-generic-64k\nHW name: NVIDIA BIOS v1.1.1-d7acbfc-dirty 12/19/2022 Call trace:\n dump_backtrace+0xe0/0x130\n show_stack+0x20/0x60\n dump_stack_lvl+0x68/0x84\n dump_stack+0x18/0x34\n ubsan_epilogue+0x10/0x50\n __ubsan_handle_out_of_bounds+0x80/0x90\n acpi_ds_exec_end_op+0x1bc/0x6d8\n acpi_ps_parse_loop+0x57c/0x618\n acpi_ps_parse_aml+0x1e0/0x4b4\n acpi_ps_execute_method+0x24c/0x2b8\n acpi_ns_evaluate+0x3a8/0x4bc\n acpi_evaluate_object+0x15c/0x37c\n acpi_evaluate_integer+0x54/0x15c\n show_power+0x8c/0x12c [acpi_power_meter]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53395",
"url": "https://www.suse.com/security/cve/CVE-2023-53395"
},
{
"category": "external",
"summary": "SUSE Bug 1250358 for CVE-2023-53395",
"url": "https://bugzilla.suse.com/1250358"
},
{
"category": "external",
"summary": "SUSE Bug 1250359 for CVE-2023-53395",
"url": "https://bugzilla.suse.com/1250359"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53395"
},
{
"cve": "CVE-2023-53397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodpost: fix off by one in is_executable_section()\n\nThe \u003e comparison should be \u003e= to prevent an out of bounds array\naccess.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53397",
"url": "https://www.suse.com/security/cve/CVE-2023-53397"
},
{
"category": "external",
"summary": "SUSE Bug 1250125 for CVE-2023-53397",
"url": "https://bugzilla.suse.com/1250125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53397"
},
{
"cve": "CVE-2023-53401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()\n\nKCSAN found an issue in obj_stock_flush_required():\nstock-\u003ecached_objcg can be reset between the check and dereference:\n\n==================================================================\nBUG: KCSAN: data-race in drain_all_stock / drain_obj_stock\n\nwrite to 0xffff888237c2a2f8 of 8 bytes by task 19625 on cpu 0:\n drain_obj_stock+0x408/0x4e0 mm/memcontrol.c:3306\n refill_obj_stock+0x9c/0x1e0 mm/memcontrol.c:3340\n obj_cgroup_uncharge+0xe/0x10 mm/memcontrol.c:3408\n memcg_slab_free_hook mm/slab.h:587 [inline]\n __cache_free mm/slab.c:3373 [inline]\n __do_kmem_cache_free mm/slab.c:3577 [inline]\n kmem_cache_free+0x105/0x280 mm/slab.c:3602\n __d_free fs/dcache.c:298 [inline]\n dentry_free fs/dcache.c:375 [inline]\n __dentry_kill+0x422/0x4a0 fs/dcache.c:621\n dentry_kill+0x8d/0x1e0\n dput+0x118/0x1f0 fs/dcache.c:913\n __fput+0x3bf/0x570 fs/file_table.c:329\n ____fput+0x15/0x20 fs/file_table.c:349\n task_work_run+0x123/0x160 kernel/task_work.c:179\n resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]\n exit_to_user_mode_loop+0xcf/0xe0 kernel/entry/common.c:171\n exit_to_user_mode_prepare+0x6a/0xa0 kernel/entry/common.c:203\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x26/0x140 kernel/entry/common.c:296\n do_syscall_64+0x4d/0xc0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nread to 0xffff888237c2a2f8 of 8 bytes by task 19632 on cpu 1:\n obj_stock_flush_required mm/memcontrol.c:3319 [inline]\n drain_all_stock+0x174/0x2a0 mm/memcontrol.c:2361\n try_charge_memcg+0x6d0/0xd10 mm/memcontrol.c:2703\n try_charge mm/memcontrol.c:2837 [inline]\n mem_cgroup_charge_skmem+0x51/0x140 mm/memcontrol.c:7290\n sock_reserve_memory+0xb1/0x390 net/core/sock.c:1025\n sk_setsockopt+0x800/0x1e70 net/core/sock.c:1525\n udp_lib_setsockopt+0x99/0x6c0 net/ipv4/udp.c:2692\n udp_setsockopt+0x73/0xa0 net/ipv4/udp.c:2817\n sock_common_setsockopt+0x61/0x70 net/core/sock.c:3668\n __sys_setsockopt+0x1c3/0x230 net/socket.c:2271\n __do_sys_setsockopt net/socket.c:2282 [inline]\n __se_sys_setsockopt net/socket.c:2279 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2279\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nvalue changed: 0xffff8881382d52c0 -\u003e 0xffff888138893740\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 19632 Comm: syz-executor.0 Not tainted 6.3.0-rc2-syzkaller-00387-g534293368afa #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023\n\nFix it by using READ_ONCE()/WRITE_ONCE() for all accesses to\nstock-\u003ecached_objcg.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53401",
"url": "https://www.suse.com/security/cve/CVE-2023-53401"
},
{
"category": "external",
"summary": "SUSE Bug 1250120 for CVE-2023-53401",
"url": "https://bugzilla.suse.com/1250120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53401"
},
{
"cve": "CVE-2023-53420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53420"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs: Fix panic about slab-out-of-bounds caused by ntfs_listxattr()\n\nHere is a BUG report from syzbot:\n\nBUG: KASAN: slab-out-of-bounds in ntfs_list_ea fs/ntfs3/xattr.c:191 [inline]\nBUG: KASAN: slab-out-of-bounds in ntfs_listxattr+0x401/0x570 fs/ntfs3/xattr.c:710\nRead of size 1 at addr ffff888021acaf3d by task syz-executor128/3632\n\nCall Trace:\n ntfs_list_ea fs/ntfs3/xattr.c:191 [inline]\n ntfs_listxattr+0x401/0x570 fs/ntfs3/xattr.c:710\n vfs_listxattr fs/xattr.c:457 [inline]\n listxattr+0x293/0x2d0 fs/xattr.c:804\n\nFix the logic of ea_all iteration. When the ea-\u003ename_len is 0,\nreturn immediately, or Add2Ptr() would visit invalid memory\nin the next loop.\n\n[almaz.alexandrovich@paragon-software.com: lines of the patch have changed]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53420",
"url": "https://www.suse.com/security/cve/CVE-2023-53420"
},
{
"category": "external",
"summary": "SUSE Bug 1250186 for CVE-2023-53420",
"url": "https://bugzilla.suse.com/1250186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53420"
},
{
"cve": "CVE-2023-53421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53421"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()\n\nWhen blkg_alloc() is called to allocate a blkcg_gq structure\nwith the associated blkg_iostat_set\u0027s, there are 2 fields within\nblkg_iostat_set that requires proper initialization - blkg \u0026 sync.\nThe former field was introduced by commit 3b8cc6298724 (\"blk-cgroup:\nOptimize blkcg_rstat_flush()\") while the later one was introduced by\ncommit f73316482977 (\"blk-cgroup: reimplement basic IO stats using\ncgroup rstat\").\n\nUnfortunately those fields in the blkg_iostat_set\u0027s are not properly\nre-initialized when they are cleared in v1\u0027s blkcg_reset_stats(). This\ncan lead to a kernel panic due to NULL pointer access of the blkg\npointer. The missing initialization of sync is less problematic and\ncan be a problem in a debug kernel due to missing lockdep initialization.\n\nFix these problems by re-initializing them after memory clearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53421",
"url": "https://www.suse.com/security/cve/CVE-2023-53421"
},
{
"category": "external",
"summary": "SUSE Bug 1250171 for CVE-2023-53421",
"url": "https://bugzilla.suse.com/1250171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53421"
},
{
"cve": "CVE-2023-53424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53424"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: fix of_iomap memory leak\n\nSmatch reports:\ndrivers/clk/mediatek/clk-mtk.c:583 mtk_clk_simple_probe() warn:\n \u0027base\u0027 from of_iomap() not released on lines: 496.\n\nThis problem was also found in linux-next. In mtk_clk_simple_probe(),\nbase is not released when handling errors\nif clk_data is not existed, which may cause a leak.\nSo free_base should be added here to release base.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53424",
"url": "https://www.suse.com/security/cve/CVE-2023-53424"
},
{
"category": "external",
"summary": "SUSE Bug 1250169 for CVE-2023-53424",
"url": "https://bugzilla.suse.com/1250169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53424"
},
{
"cve": "CVE-2023-53425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53425"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: platform: mediatek: vpu: fix NULL ptr dereference\n\nIf pdev is NULL, then it is still dereferenced.\n\nThis fixes this smatch warning:\n\ndrivers/media/platform/mediatek/vpu/mtk_vpu.c:570 vpu_load_firmware() warn: address of NULL pointer \u0027pdev\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53425",
"url": "https://www.suse.com/security/cve/CVE-2023-53425"
},
{
"category": "external",
"summary": "SUSE Bug 1250290 for CVE-2023-53425",
"url": "https://bugzilla.suse.com/1250290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53425"
},
{
"cve": "CVE-2023-53426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53426"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Fix xsk_diag use-after-free error during socket cleanup\n\nFix a use-after-free error that is possible if the xsk_diag interface\nis used after the socket has been unbound from the device. This can\nhappen either due to the socket being closed or the device\ndisappearing. In the early days of AF_XDP, the way we tested that a\nsocket was not bound to a device was to simply check if the netdevice\npointer in the xsk socket structure was NULL. Later, a better system\nwas introduced by having an explicit state variable in the xsk socket\nstruct. For example, the state of a socket that is on the way to being\nclosed and has been unbound from the device is XSK_UNBOUND.\n\nThe commit in the Fixes tag below deleted the old way of signalling\nthat a socket is unbound, setting dev to NULL. This in the belief that\nall code using the old way had been exterminated. That was\nunfortunately not true as the xsk diagnostics code was still using the\nold way and thus does not work as intended when a socket is going\ndown. Fix this by introducing a test against the state variable. If\nthe socket is in the state XSK_UNBOUND, simply abort the diagnostic\u0027s\nnetlink operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53426",
"url": "https://www.suse.com/security/cve/CVE-2023-53426"
},
{
"category": "external",
"summary": "SUSE Bug 1250166 for CVE-2023-53426",
"url": "https://bugzilla.suse.com/1250166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53426"
},
{
"cve": "CVE-2023-53428",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53428"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: arm_scmi: Remove recursion while parsing zones\n\nPowercap zones can be defined as arranged in a hierarchy of trees and when\nregistering a zone with powercap_register_zone(), the kernel powercap\nsubsystem expects this to happen starting from the root zones down to the\nleaves; on the other side, de-registration by powercap_deregister_zone()\nmust begin from the leaf zones.\n\nAvailable SCMI powercap zones are retrieved dynamically from the platform\nat probe time and, while any defined hierarchy between the zones is\ndescribed properly in the zones descriptor, the platform returns the\navailables zones with no particular well-defined order: as a consequence,\nthe trees possibly composing the hierarchy of zones have to be somehow\nwalked properly to register the retrieved zones from the root.\n\nCurrently the ARM SCMI Powercap driver walks the zones using a recursive\nalgorithm; this approach, even though correct and tested can lead to kernel\nstack overflow when processing a returned hierarchy of zones composed by\nparticularly high trees.\n\nAvoid possible kernel stack overflow by substituting the recursive approach\nwith an iterative one supported by a dynamically allocated stack-like data\nstructure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53428",
"url": "https://www.suse.com/security/cve/CVE-2023-53428"
},
{
"category": "external",
"summary": "SUSE Bug 1250167 for CVE-2023-53428",
"url": "https://bugzilla.suse.com/1250167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53428"
},
{
"cve": "CVE-2023-53429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don\u0027t check PageError in __extent_writepage\n\n__extent_writepage currenly sets PageError whenever any error happens,\nand the also checks for PageError to decide if to call error handling.\nThis leads to very unclear responsibility for cleaning up on errors.\nIn the VM and generic writeback helpers the basic idea is that once\nI/O is fired off all error handling responsibility is delegated to the\nend I/O handler. But if that end I/O handler sets the PageError bit,\nand the submitter checks it, the bit could in some cases leak into the\nsubmission context for fast enough I/O.\n\nFix this by simply not checking PageError and just using the local\nret variable to check for submission errors. This also fundamentally\nsolves the long problem documented in a comment in __extent_writepage\nby never leaking the error bit into the submission context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53429",
"url": "https://www.suse.com/security/cve/CVE-2023-53429"
},
{
"category": "external",
"summary": "SUSE Bug 1250384 for CVE-2023-53429",
"url": "https://bugzilla.suse.com/1250384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53429"
},
{
"cve": "CVE-2023-53432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: net: fix use after free in fwnet_finish_incoming_packet()\n\nThe netif_rx() function frees the skb so we can\u0027t dereference it to\nsave the skb-\u003elen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53432",
"url": "https://www.suse.com/security/cve/CVE-2023-53432"
},
{
"category": "external",
"summary": "SUSE Bug 1250426 for CVE-2023-53432",
"url": "https://bugzilla.suse.com/1250426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53432"
},
{
"cve": "CVE-2023-53436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: snic: Fix possible memory leak if device_add() fails\n\nIf device_add() returns error, the name allocated by dev_set_name() needs\nbe freed. As the comment of device_add() says, put_device() should be used\nto give up the reference in the error path. So fix this by calling\nput_device(), then the name can be freed in kobject_cleanp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53436",
"url": "https://www.suse.com/security/cve/CVE-2023-53436"
},
{
"category": "external",
"summary": "SUSE Bug 1250156 for CVE-2023-53436",
"url": "https://bugzilla.suse.com/1250156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53436"
},
{
"cve": "CVE-2023-53438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53438"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/MCE: Always save CS register on AMD Zen IF Poison errors\n\nThe Instruction Fetch (IF) units on current AMD Zen-based systems do not\nguarantee a synchronous #MC is delivered for poison consumption errors.\nTherefore, MCG_STATUS[EIPV|RIPV] will not be set. However, the\nmicroarchitecture does guarantee that the exception is delivered within\nthe same context. In other words, the exact rIP is not known, but the\ncontext is known to not have changed.\n\nThere is no architecturally-defined method to determine this behavior.\n\nThe Code Segment (CS) register is always valid on such IF unit poison\nerrors regardless of the value of MCG_STATUS[EIPV|RIPV].\n\nAdd a quirk to save the CS register for poison consumption from the IF\nunit banks.\n\nThis is needed to properly determine the context of the error.\nOtherwise, the severity grading function will assume the context is\nIN_KERNEL due to the m-\u003ecs value being 0 (the initialized value). This\nleads to unnecessary kernel panics on data poison errors due to the\nkernel believing the poison consumption occurred in kernel context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53438",
"url": "https://www.suse.com/security/cve/CVE-2023-53438"
},
{
"category": "external",
"summary": "SUSE Bug 1250180 for CVE-2023-53438",
"url": "https://bugzilla.suse.com/1250180"
},
{
"category": "external",
"summary": "SUSE Bug 1250708 for CVE-2023-53438",
"url": "https://bugzilla.suse.com/1250708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53438"
},
{
"cve": "CVE-2023-53441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: cpumap: Fix memory leak in cpu_map_update_elem\n\nSyzkaller reported a memory leak as follows:\n\nBUG: memory leak\nunreferenced object 0xff110001198ef748 (size 192):\n comm \"syz-executor.3\", pid 17672, jiffies 4298118891 (age 9.906s)\n hex dump (first 32 bytes):\n 00 00 00 00 4a 19 00 00 80 ad e3 e4 fe ff c0 00 ....J...........\n 00 b2 d3 0c 01 00 11 ff 28 f5 8e 19 01 00 11 ff ........(.......\n backtrace:\n [\u003cffffffffadd28087\u003e] __cpu_map_entry_alloc+0xf7/0xb00\n [\u003cffffffffadd28d8e\u003e] cpu_map_update_elem+0x2fe/0x3d0\n [\u003cffffffffadc6d0fd\u003e] bpf_map_update_value.isra.0+0x2bd/0x520\n [\u003cffffffffadc7349b\u003e] map_update_elem+0x4cb/0x720\n [\u003cffffffffadc7d983\u003e] __se_sys_bpf+0x8c3/0xb90\n [\u003cffffffffb029cc80\u003e] do_syscall_64+0x30/0x40\n [\u003cffffffffb0400099\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nBUG: memory leak\nunreferenced object 0xff110001198ef528 (size 192):\n comm \"syz-executor.3\", pid 17672, jiffies 4298118891 (age 9.906s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffffadd281f0\u003e] __cpu_map_entry_alloc+0x260/0xb00\n [\u003cffffffffadd28d8e\u003e] cpu_map_update_elem+0x2fe/0x3d0\n [\u003cffffffffadc6d0fd\u003e] bpf_map_update_value.isra.0+0x2bd/0x520\n [\u003cffffffffadc7349b\u003e] map_update_elem+0x4cb/0x720\n [\u003cffffffffadc7d983\u003e] __se_sys_bpf+0x8c3/0xb90\n [\u003cffffffffb029cc80\u003e] do_syscall_64+0x30/0x40\n [\u003cffffffffb0400099\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nBUG: memory leak\nunreferenced object 0xff1100010fd93d68 (size 8):\n comm \"syz-executor.3\", pid 17672, jiffies 4298118891 (age 9.906s)\n hex dump (first 8 bytes):\n 00 00 00 00 00 00 00 00 ........\n backtrace:\n [\u003cffffffffade5db3e\u003e] kvmalloc_node+0x11e/0x170\n [\u003cffffffffadd28280\u003e] __cpu_map_entry_alloc+0x2f0/0xb00\n [\u003cffffffffadd28d8e\u003e] cpu_map_update_elem+0x2fe/0x3d0\n [\u003cffffffffadc6d0fd\u003e] bpf_map_update_value.isra.0+0x2bd/0x520\n [\u003cffffffffadc7349b\u003e] map_update_elem+0x4cb/0x720\n [\u003cffffffffadc7d983\u003e] __se_sys_bpf+0x8c3/0xb90\n [\u003cffffffffb029cc80\u003e] do_syscall_64+0x30/0x40\n [\u003cffffffffb0400099\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nIn the cpu_map_update_elem flow, when kthread_stop is called before\ncalling the threadfn of rcpu-\u003ekthread, since the KTHREAD_SHOULD_STOP bit\nof kthread has been set by kthread_stop, the threadfn of rcpu-\u003ekthread\nwill never be executed, and rcpu-\u003erefcnt will never be 0, which will\nlead to the allocated rcpu, rcpu-\u003equeue and rcpu-\u003equeue-\u003equeue cannot be\nreleased.\n\nCalling kthread_stop before executing kthread\u0027s threadfn will return\n-EINTR. We can complete the release of memory resources in this state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53441",
"url": "https://www.suse.com/security/cve/CVE-2023-53441"
},
{
"category": "external",
"summary": "SUSE Bug 1250150 for CVE-2023-53441",
"url": "https://bugzilla.suse.com/1250150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53441"
},
{
"cve": "CVE-2023-53442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53442"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Block switchdev mode when ADQ is active and vice versa\n\nADQ and switchdev are not supported simultaneously. Enabling both at the\nsame time can result in nullptr dereference.\n\nTo prevent this, check if ADQ is active when changing devlink mode to\nswitchdev mode, and check if switchdev is active when enabling ADQ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53442",
"url": "https://www.suse.com/security/cve/CVE-2023-53442"
},
{
"category": "external",
"summary": "SUSE Bug 1250201 for CVE-2023-53442",
"url": "https://bugzilla.suse.com/1250201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53442"
},
{
"cve": "CVE-2023-53444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: fix bulk_move corruption when adding a entry\n\nWhen the resource is the first in the bulk_move range, adding it again\n(thus moving it to the tail) will corrupt the list since the first\npointer is not moved. This eventually lead to null pointer deref in\nttm_lru_bulk_move_del()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53444",
"url": "https://www.suse.com/security/cve/CVE-2023-53444"
},
{
"category": "external",
"summary": "SUSE Bug 1250157 for CVE-2023-53444",
"url": "https://bugzilla.suse.com/1250157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53444"
},
{
"cve": "CVE-2023-53446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53446"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free\n\nStruct pcie_link_state-\u003edownstream is a pointer to the pci_dev of function\n0. Previously we retained that pointer when removing function 0, and\nsubsequent ASPM policy changes dereferenced it, resulting in a\nuse-after-free warning from KASAN, e.g.:\n\n # echo 1 \u003e /sys/bus/pci/devices/0000:03:00.0/remove\n # echo powersave \u003e /sys/module/pcie_aspm/parameters/policy\n\n BUG: KASAN: slab-use-after-free in pcie_config_aspm_link+0x42d/0x500\n Call Trace:\n kasan_report+0xae/0xe0\n pcie_config_aspm_link+0x42d/0x500\n pcie_aspm_set_policy+0x8e/0x1a0\n param_attr_store+0x162/0x2c0\n module_attr_store+0x3e/0x80\n\nPCIe spec r6.0, sec 7.5.3.7, recommends that software program the same ASPM\nControl value in all functions of multi-function devices.\n\nDisable ASPM and free the pcie_link_state when any child function is\nremoved so we can discard the dangling pcie_link_state-\u003edownstream pointer\nand maintain the same ASPM Control configuration for all functions.\n\n[bhelgaas: commit log and comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53446",
"url": "https://www.suse.com/security/cve/CVE-2023-53446"
},
{
"category": "external",
"summary": "SUSE Bug 1250145 for CVE-2023-53446",
"url": "https://bugzilla.suse.com/1250145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53446"
},
{
"cve": "CVE-2023-53447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53447"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: don\u0027t reset unchangable mount option in f2fs_remount()\n\nsyzbot reports a bug as below:\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 [#1] PREEMPT SMP KASAN\nRIP: 0010:__lock_acquire+0x69/0x2000 kernel/locking/lockdep.c:4942\nCall Trace:\n lock_acquire+0x1e3/0x520 kernel/locking/lockdep.c:5691\n __raw_write_lock include/linux/rwlock_api_smp.h:209 [inline]\n _raw_write_lock+0x2e/0x40 kernel/locking/spinlock.c:300\n __drop_extent_tree+0x3ac/0x660 fs/f2fs/extent_cache.c:1100\n f2fs_drop_extent_tree+0x17/0x30 fs/f2fs/extent_cache.c:1116\n f2fs_insert_range+0x2d5/0x3c0 fs/f2fs/file.c:1664\n f2fs_fallocate+0x4e4/0x6d0 fs/f2fs/file.c:1838\n vfs_fallocate+0x54b/0x6b0 fs/open.c:324\n ksys_fallocate fs/open.c:347 [inline]\n __do_sys_fallocate fs/open.c:355 [inline]\n __se_sys_fallocate fs/open.c:353 [inline]\n __x64_sys_fallocate+0xbd/0x100 fs/open.c:353\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is race condition as below:\n- since it tries to remount rw filesystem, so that do_remount won\u0027t\ncall sb_prepare_remount_readonly to block fallocate, there may be race\ncondition in between remount and fallocate.\n- in f2fs_remount(), default_options() will reset mount option to default\none, and then update it based on result of parse_options(), so there is\na hole which race condition can happen.\n\nThread A\t\t\tThread B\n- f2fs_fill_super\n - parse_options\n - clear_opt(READ_EXTENT_CACHE)\n\n- f2fs_remount\n - default_options\n - set_opt(READ_EXTENT_CACHE)\n\t\t\t\t- f2fs_fallocate\n\t\t\t\t - f2fs_insert_range\n\t\t\t\t - f2fs_drop_extent_tree\n\t\t\t\t - __drop_extent_tree\n\t\t\t\t - __may_extent_tree\n\t\t\t\t - test_opt(READ_EXTENT_CACHE) return true\n\t\t\t\t - write_lock(\u0026et-\u003elock) access NULL pointer\n - parse_options\n - clear_opt(READ_EXTENT_CACHE)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53447",
"url": "https://www.suse.com/security/cve/CVE-2023-53447"
},
{
"category": "external",
"summary": "SUSE Bug 1250241 for CVE-2023-53447",
"url": "https://bugzilla.suse.com/1250241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53447"
},
{
"cve": "CVE-2023-53448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Removed unneeded release_mem_region\n\nRemove unnecessary release_mem_region from the error path to prevent\nmem region from being released twice, which could avoid resource leak\nor other unexpected issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53448",
"url": "https://www.suse.com/security/cve/CVE-2023-53448"
},
{
"category": "external",
"summary": "SUSE Bug 1250873 for CVE-2023-53448",
"url": "https://bugzilla.suse.com/1250873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53448"
},
{
"cve": "CVE-2023-53451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53451"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix potential NULL pointer dereference\n\nKlocwork tool reported \u0027cur_dsd\u0027 may be dereferenced. Add fix to validate\npointer before dereferencing the pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53451",
"url": "https://www.suse.com/security/cve/CVE-2023-53451"
},
{
"category": "external",
"summary": "SUSE Bug 1250831 for CVE-2023-53451",
"url": "https://bugzilla.suse.com/1250831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53451"
},
{
"cve": "CVE-2023-53454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Correct devm device reference for hidinput input_dev name\n\nReference the HID device rather than the input device for the devm\nallocation of the input_dev name. Referencing the input_dev would lead to a\nuse-after-free when the input_dev was unregistered and subsequently fires a\nuevent that depends on the name. At the point of firing the uevent, the\nname would be freed by devres management.\n\nUse devm_kasprintf to simplify the logic for allocating memory and\nformatting the input_dev name string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53454",
"url": "https://www.suse.com/security/cve/CVE-2023-53454"
},
{
"category": "external",
"summary": "SUSE Bug 1250759 for CVE-2023-53454",
"url": "https://bugzilla.suse.com/1250759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53454"
},
{
"cve": "CVE-2023-53456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla4xxx: Add length check when parsing nlattrs\n\nThere are three places that qla4xxx parses nlattrs:\n\n - qla4xxx_set_chap_entry()\n\n - qla4xxx_iface_set_param()\n\n - qla4xxx_sysfs_ddb_set_param()\n\nand each of them directly converts the nlattr to specific pointer of\nstructure without length checking. This could be dangerous as those\nattributes are not validated and a malformed nlattr (e.g., length 0) could\nresult in an OOB read that leaks heap dirty data.\n\nAdd the nla_len check before accessing the nlattr data and return EINVAL if\nthe length check fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53456",
"url": "https://www.suse.com/security/cve/CVE-2023-53456"
},
{
"category": "external",
"summary": "SUSE Bug 1250765 for CVE-2023-53456",
"url": "https://bugzilla.suse.com/1250765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53456"
},
{
"cve": "CVE-2023-53457",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53457"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nFS: JFS: Fix null-ptr-deref Read in txBegin\n\n Syzkaller reported an issue where txBegin may be called\n on a superblock in a read-only mounted filesystem which leads\n to NULL pointer deref. This could be solved by checking if\n the filesystem is read-only before calling txBegin, and returning\n with appropiate error code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53457",
"url": "https://www.suse.com/security/cve/CVE-2023-53457"
},
{
"category": "external",
"summary": "SUSE Bug 1250763 for CVE-2023-53457",
"url": "https://bugzilla.suse.com/1250763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53457"
},
{
"cve": "CVE-2023-53461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53461"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: wait interruptibly for request completions on exit\n\nWHen the ring exits, cleanup is done and the final cancelation and\nwaiting on completions is done by io_ring_exit_work. That function is\ninvoked by kworker, which doesn\u0027t take any signals. Because of that, it\ndoesn\u0027t really matter if we wait for completions in TASK_INTERRUPTIBLE\nor TASK_UNINTERRUPTIBLE state. However, it does matter to the hung task\ndetection checker!\n\nNormally we expect cancelations and completions to happen rather\nquickly. Some test cases, however, will exit the ring and park the\nowning task stopped (eg via SIGSTOP). If the owning task needs to run\ntask_work to complete requests, then io_ring_exit_work won\u0027t make any\nprogress until the task is runnable again. Hence io_ring_exit_work can\ntrigger the hung task detection, which is particularly problematic if\npanic-on-hung-task is enabled.\n\nAs the ring exit doesn\u0027t take signals to begin with, have it wait\ninterruptibly rather than uninterruptibly. io_uring has a separate\nstuck-exit warning that triggers independently anyway, so we\u0027re not\nreally missing anything by making this switch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53461",
"url": "https://www.suse.com/security/cve/CVE-2023-53461"
},
{
"category": "external",
"summary": "SUSE Bug 1250941 for CVE-2023-53461",
"url": "https://bugzilla.suse.com/1250941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53461"
},
{
"cve": "CVE-2023-53462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53462"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Fix uninit-value access in fill_frame_info()\n\nSyzbot reports the following uninit-value access problem.\n\n=====================================================\nBUG: KMSAN: uninit-value in fill_frame_info net/hsr/hsr_forward.c:601 [inline]\nBUG: KMSAN: uninit-value in hsr_forward_skb+0x9bd/0x30f0 net/hsr/hsr_forward.c:616\n fill_frame_info net/hsr/hsr_forward.c:601 [inline]\n hsr_forward_skb+0x9bd/0x30f0 net/hsr/hsr_forward.c:616\n hsr_dev_xmit+0x192/0x330 net/hsr/hsr_device.c:223\n __netdev_start_xmit include/linux/netdevice.h:4889 [inline]\n netdev_start_xmit include/linux/netdevice.h:4903 [inline]\n xmit_one net/core/dev.c:3544 [inline]\n dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3560\n __dev_queue_xmit+0x34d0/0x52a0 net/core/dev.c:4340\n dev_queue_xmit include/linux/netdevice.h:3082 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3087 [inline]\n packet_sendmsg+0x8b1d/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n __sys_sendto+0x781/0xa30 net/socket.c:2176\n __do_sys_sendto net/socket.c:2188 [inline]\n __se_sys_sendto net/socket.c:2184 [inline]\n __ia32_sys_sendto+0x11f/0x1c0 net/socket.c:2184\n do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]\n __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178\n do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246\n entry_SYSENTER_compat_after_hwframe+0x70/0x82\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x148/0x470 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:644\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6299\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2794\n packet_alloc_skb net/packet/af_packet.c:2936 [inline]\n packet_snd net/packet/af_packet.c:3030 [inline]\n packet_sendmsg+0x70e8/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n __sys_sendto+0x781/0xa30 net/socket.c:2176\n __do_sys_sendto net/socket.c:2188 [inline]\n __se_sys_sendto net/socket.c:2184 [inline]\n __ia32_sys_sendto+0x11f/0x1c0 net/socket.c:2184\n do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]\n __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178\n do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246\n entry_SYSENTER_compat_after_hwframe+0x70/0x82\n\nIt is because VLAN not yet supported in hsr driver. Return error\nwhen protocol is ETH_P_8021Q in fill_frame_info() now to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53462",
"url": "https://www.suse.com/security/cve/CVE-2023-53462"
},
{
"category": "external",
"summary": "SUSE Bug 1250878 for CVE-2023-53462",
"url": "https://bugzilla.suse.com/1250878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53462"
},
{
"cve": "CVE-2023-53463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53463"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Do not reset dql stats on NON_FATAL err\n\nAll ibmvnic resets, make a call to netdev_tx_reset_queue() when\nre-opening the device. netdev_tx_reset_queue() resets the num_queued\nand num_completed byte counters. These stats are used in Byte Queue\nLimit (BQL) algorithms. The difference between these two stats tracks\nthe number of bytes currently sitting on the physical NIC. ibmvnic\nincreases the number of queued bytes though calls to\nnetdev_tx_sent_queue() in the drivers xmit function. When, VIOS reports\nthat it is done transmitting bytes, the ibmvnic device increases the\nnumber of completed bytes through calls to netdev_tx_completed_queue().\nIt is important to note that the driver batches its transmit calls and\nnum_queued is increased every time that an skb is added to the next\nbatch, not necessarily when the batch is sent to VIOS for transmission.\n\nUnlike other reset types, a NON FATAL reset will not flush the sub crq\ntx buffers. Therefore, it is possible for the batched skb array to be\npartially full. So if there is call to netdev_tx_reset_queue() when\nre-opening the device, the value of num_queued (0) would not account\nfor the skb\u0027s that are currently batched. Eventually, when the batch\nis sent to VIOS, the call to netdev_tx_completed_queue() would increase\nnum_completed to a value greater than the num_queued. This causes a\nBUG_ON crash:\n\nibmvnic 30000002: Firmware reports error, cause: adapter problem.\nStarting recovery...\nibmvnic 30000002: tx error 600\nibmvnic 30000002: tx error 600\nibmvnic 30000002: tx error 600\nibmvnic 30000002: tx error 600\n------------[ cut here ]------------\nkernel BUG at lib/dynamic_queue_limits.c:27!\nOops: Exception in kernel mode, sig: 5\n[....]\nNIP dql_completed+0x28/0x1c0\nLR ibmvnic_complete_tx.isra.0+0x23c/0x420 [ibmvnic]\nCall Trace:\nibmvnic_complete_tx.isra.0+0x3f8/0x420 [ibmvnic] (unreliable)\nibmvnic_interrupt_tx+0x40/0x70 [ibmvnic]\n__handle_irq_event_percpu+0x98/0x270\n---[ end trace ]---\n\nTherefore, do not reset the dql stats when performing a NON_FATAL reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53463",
"url": "https://www.suse.com/security/cve/CVE-2023-53463"
},
{
"category": "external",
"summary": "SUSE Bug 1250867 for CVE-2023-53463",
"url": "https://bugzilla.suse.com/1250867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53463"
},
{
"cve": "CVE-2023-53465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: qcom: fix storing port config out-of-bounds\n\nThe \u0027qcom_swrm_ctrl-\u003epconfig\u0027 has size of QCOM_SDW_MAX_PORTS (14),\nhowever we index it starting from 1, not 0, to match real port numbers.\nThis can lead to writing port config past \u0027pconfig\u0027 bounds and\noverwriting next member of \u0027qcom_swrm_ctrl\u0027 struct. Reported also by\nsmatch:\n\n drivers/soundwire/qcom.c:1269 qcom_swrm_get_port_config() error: buffer overflow \u0027ctrl-\u003epconfig\u0027 14 \u003c= 14",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53465",
"url": "https://www.suse.com/security/cve/CVE-2023-53465"
},
{
"category": "external",
"summary": "SUSE Bug 1250863 for CVE-2023-53465",
"url": "https://bugzilla.suse.com/1250863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53465"
},
{
"cve": "CVE-2023-53472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: lpc32xx: Remove handling of PWM channels\n\nBecause LPC32xx PWM controllers have only a single output which is\nregistered as the only PWM device/channel per controller, it is known in\nadvance that pwm-\u003ehwpwm value is always 0. On basis of this fact\nsimplify the code by removing operations with pwm-\u003ehwpwm, there is no\ncontrols which require channel number as input.\n\nEven though I wasn\u0027t aware at the time when I forward ported that patch,\nthis fixes a null pointer dereference as lpc32xx-\u003echip.pwms is NULL\nbefore devm_pwmchip_add() is called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53472",
"url": "https://www.suse.com/security/cve/CVE-2023-53472"
},
{
"category": "external",
"summary": "SUSE Bug 1250841 for CVE-2023-53472",
"url": "https://bugzilla.suse.com/1250841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53472"
},
{
"cve": "CVE-2023-53479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/acpi: Fix a use-after-free in cxl_parse_cfmws()\n\nKASAN and KFENCE detected an user-after-free in the CXL driver. This\nhappens in the cxl_decoder_add() fail path. KASAN prints the following\nerror:\n\n BUG: KASAN: slab-use-after-free in cxl_parse_cfmws (drivers/cxl/acpi.c:299)\n\nThis happens in cxl_parse_cfmws(), where put_device() is called,\nreleasing cxld, which is accessed later.\n\nUse the local variables in the dev_err() instead of pointing to the\nreleased memory. Since the dev_err() is printing a resource, change the open\ncoded print format to use the %pr format specifier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53479",
"url": "https://www.suse.com/security/cve/CVE-2023-53479"
},
{
"category": "external",
"summary": "SUSE Bug 1250837 for CVE-2023-53479",
"url": "https://bugzilla.suse.com/1250837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53479"
},
{
"cve": "CVE-2023-53480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkobject: Add sanity check for kset-\u003ekobj.ktype in kset_register()\n\nWhen I register a kset in the following way:\n\tstatic struct kset my_kset;\n\tkobject_set_name(\u0026my_kset.kobj, \"my_kset\");\n ret = kset_register(\u0026my_kset);\n\nA null pointer dereference exception is occurred:\n[ 4453.568337] Unable to handle kernel NULL pointer dereference at \\\nvirtual address 0000000000000028\n... ...\n[ 4453.810361] Call trace:\n[ 4453.813062] kobject_get_ownership+0xc/0x34\n[ 4453.817493] kobject_add_internal+0x98/0x274\n[ 4453.822005] kset_register+0x5c/0xb4\n[ 4453.825820] my_kobj_init+0x44/0x1000 [my_kset]\n... ...\n\nBecause I didn\u0027t initialize my_kset.kobj.ktype.\n\nAccording to the description in Documentation/core-api/kobject.rst:\n - A ktype is the type of object that embeds a kobject. Every structure\n that embeds a kobject needs a corresponding ktype.\n\nSo add sanity check to make sure kset-\u003ekobj.ktype is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53480",
"url": "https://www.suse.com/security/cve/CVE-2023-53480"
},
{
"category": "external",
"summary": "SUSE Bug 1250861 for CVE-2023-53480",
"url": "https://bugzilla.suse.com/1250861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53480"
},
{
"cve": "CVE-2023-53485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev\n\nSyzkaller reported the following issue:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:1965:6\nindex -84 is out of range for type \u0027s8[341]\u0027 (aka \u0027signed char[341]\u0027)\nCPU: 1 PID: 4995 Comm: syz-executor146 Not tainted 6.4.0-rc6-syzkaller-00037-gb6dad5178cea #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348\n dbAllocDmapLev+0x3e5/0x430 fs/jfs/jfs_dmap.c:1965\n dbAllocCtl+0x113/0x920 fs/jfs/jfs_dmap.c:1809\n dbAllocAG+0x28f/0x10b0 fs/jfs/jfs_dmap.c:1350\n dbAlloc+0x658/0xca0 fs/jfs/jfs_dmap.c:874\n dtSplitUp fs/jfs/jfs_dtree.c:974 [inline]\n dtInsert+0xda7/0x6b00 fs/jfs/jfs_dtree.c:863\n jfs_create+0x7b6/0xbb0 fs/jfs/namei.c:137\n lookup_open fs/namei.c:3492 [inline]\n open_last_lookups fs/namei.c:3560 [inline]\n path_openat+0x13df/0x3170 fs/namei.c:3788\n do_filp_open+0x234/0x490 fs/namei.c:3818\n do_sys_openat2+0x13f/0x500 fs/open.c:1356\n do_sys_open fs/open.c:1372 [inline]\n __do_sys_openat fs/open.c:1388 [inline]\n __se_sys_openat fs/open.c:1383 [inline]\n __x64_sys_openat+0x247/0x290 fs/open.c:1383\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f1f4e33f7e9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffc21129578 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1f4e33f7e9\nRDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c\nRBP: 00007f1f4e2ff080 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f1f4e2ff110\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nThe bug occurs when the dbAllocDmapLev()function attempts to access\ndp-\u003etree.stree[leafidx + LEAFIND] while the leafidx value is negative.\n\nTo rectify this, the patch introduces a safeguard within the\ndbAllocDmapLev() function. A check has been added to verify if leafidx is\nnegative. If it is, the function immediately returns an I/O error, preventing\nany further execution that could potentially cause harm.\n\nTested via syzbot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53485",
"url": "https://www.suse.com/security/cve/CVE-2023-53485"
},
{
"category": "external",
"summary": "SUSE Bug 1250872 for CVE-2023-53485",
"url": "https://bugzilla.suse.com/1250872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53485"
},
{
"cve": "CVE-2023-53487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53487"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/rtas_flash: allow user copy to flash block cache objects\n\nWith hardened usercopy enabled (CONFIG_HARDENED_USERCOPY=y), using the\n/proc/powerpc/rtas/firmware_update interface to prepare a system\nfirmware update yields a BUG():\n\n kernel BUG at mm/usercopy.c:102!\n Oops: Exception in kernel mode, sig: 5 [#1]\n LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\n Modules linked in:\n CPU: 0 PID: 2232 Comm: dd Not tainted 6.5.0-rc3+ #2\n Hardware name: IBM,8408-E8E POWER8E (raw) 0x4b0201 0xf000004 of:IBM,FW860.50 (SV860_146) hv:phyp pSeries\n NIP: c0000000005991d0 LR: c0000000005991cc CTR: 0000000000000000\n REGS: c0000000148c76a0 TRAP: 0700 Not tainted (6.5.0-rc3+)\n MSR: 8000000000029033 \u003cSF,EE,ME,IR,DR,RI,LE\u003e CR: 24002242 XER: 0000000c\n CFAR: c0000000001fbd34 IRQMASK: 0\n [ ... GPRs omitted ... ]\n NIP usercopy_abort+0xa0/0xb0\n LR usercopy_abort+0x9c/0xb0\n Call Trace:\n usercopy_abort+0x9c/0xb0 (unreliable)\n __check_heap_object+0x1b4/0x1d0\n __check_object_size+0x2d0/0x380\n rtas_flash_write+0xe4/0x250\n proc_reg_write+0xfc/0x160\n vfs_write+0xfc/0x4e0\n ksys_write+0x90/0x160\n system_call_exception+0x178/0x320\n system_call_common+0x160/0x2c4\n\nThe blocks of the firmware image are copied directly from user memory\nto objects allocated from flash_block_cache, so flash_block_cache must\nbe created using kmem_cache_create_usercopy() to mark it safe for user\naccess.\n\n[mpe: Trim and indent oops]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53487",
"url": "https://www.suse.com/security/cve/CVE-2023-53487"
},
{
"category": "external",
"summary": "SUSE Bug 1250830 for CVE-2023-53487",
"url": "https://bugzilla.suse.com/1250830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53487"
},
{
"cve": "CVE-2023-53488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix possible panic during hotplug remove\n\nDuring hotplug remove it is possible that the update counters work\nmight be pending, and may run after memory has been freed.\nCancel the update counters work before freeing memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53488",
"url": "https://www.suse.com/security/cve/CVE-2023-53488"
},
{
"category": "external",
"summary": "SUSE Bug 1250825 for CVE-2023-53488",
"url": "https://bugzilla.suse.com/1250825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53488"
},
{
"cve": "CVE-2023-53490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix disconnect vs accept race\n\nDespite commit 0ad529d9fd2b (\"mptcp: fix possible divide by zero in\nrecvmsg()\"), the mptcp protocol is still prone to a race between\ndisconnect() (or shutdown) and accept.\n\nThe root cause is that the mentioned commit checks the msk-level\nflag, but mptcp_stream_accept() does acquire the msk-level lock,\nas it can rely directly on the first subflow lock.\n\nAs reported by Christoph than can lead to a race where an msk\nsocket is accepted after that mptcp_subflow_queue_clean() releases\nthe listener socket lock and just before it takes destructive\nactions leading to the following splat:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000012\nPGD 5a4ca067 P4D 5a4ca067 PUD 37d4c067 PMD 0\nOops: 0000 [#1] PREEMPT SMP\nCPU: 2 PID: 10955 Comm: syz-executor.5 Not tainted 6.5.0-rc1-gdc7b257ee5dd #37\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\nRIP: 0010:mptcp_stream_accept+0x1ee/0x2f0 include/net/inet_sock.h:330\nCode: 0a 09 00 48 8b 1b 4c 39 e3 74 07 e8 bc 7c 7f fe eb a1 e8 b5 7c 7f fe 4c 8b 6c 24 08 eb 05 e8 a9 7c 7f fe 49 8b 85 d8 09 00 00 \u003c0f\u003e b6 40 12 88 44 24 07 0f b6 6c 24 07 bf 07 00 00 00 89 ee e8 89\nRSP: 0018:ffffc90000d07dc0 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff888037e8d020 RCX: ffff88803b093300\nRDX: 0000000000000000 RSI: ffffffff833822c5 RDI: ffffffff8333896a\nRBP: 0000607f82031520 R08: ffff88803b093300 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000003e83 R12: ffff888037e8d020\nR13: ffff888037e8c680 R14: ffff888009af7900 R15: ffff888009af6880\nFS: 00007fc26d708640(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000012 CR3: 0000000066bc5001 CR4: 0000000000370ee0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n do_accept+0x1ae/0x260 net/socket.c:1872\n __sys_accept4+0x9b/0x110 net/socket.c:1913\n __do_sys_accept4 net/socket.c:1954 [inline]\n __se_sys_accept4 net/socket.c:1951 [inline]\n __x64_sys_accept4+0x20/0x30 net/socket.c:1951\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x47/0xa0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nAddress the issue by temporary removing the pending request socket\nfrom the accept queue, so that racing accept() can\u0027t touch them.\n\nAfter depleting the msk - the ssk still exists, as plain TCP sockets,\nre-insert them into the accept queue, so that later inet_csk_listen_stop()\nwill complete the tcp socket disposal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53490",
"url": "https://www.suse.com/security/cve/CVE-2023-53490"
},
{
"category": "external",
"summary": "SUSE Bug 1250827 for CVE-2023-53490",
"url": "https://bugzilla.suse.com/1250827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53490"
},
{
"cve": "CVE-2023-53491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstart_kernel: Add __no_stack_protector function attribute\n\nBack during the discussion of\ncommit a9a3ed1eff36 (\"x86: Fix early boot crash on gcc-10, third try\")\nwe discussed the need for a function attribute to control the omission\nof stack protectors on a per-function basis; at the time Clang had\nsupport for no_stack_protector but GCC did not. This was fixed in\ngcc-11. Now that the function attribute is available, let\u0027s start using\nit.\n\nCallers of boot_init_stack_canary need to use this function attribute\nunless they\u0027re compiled with -fno-stack-protector, otherwise the canary\nstored in the stack slot of the caller will differ upon the call to\nboot_init_stack_canary. This will lead to a call to __stack_chk_fail()\nthen panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53491",
"url": "https://www.suse.com/security/cve/CVE-2023-53491"
},
{
"category": "external",
"summary": "SUSE Bug 1250942 for CVE-2023-53491",
"url": "https://bugzilla.suse.com/1250942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53491"
},
{
"cve": "CVE-2023-53492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not ignore genmask when looking up chain by id\n\nWhen adding a rule to a chain referring to its ID, if that chain had been\ndeleted on the same batch, the rule might end up referring to a deleted\nchain.\n\nThis will lead to a WARNING like following:\n\n[ 33.098431] ------------[ cut here ]------------\n[ 33.098678] WARNING: CPU: 5 PID: 69 at net/netfilter/nf_tables_api.c:2037 nf_tables_chain_destroy+0x23d/0x260\n[ 33.099217] Modules linked in:\n[ 33.099388] CPU: 5 PID: 69 Comm: kworker/5:1 Not tainted 6.4.0+ #409\n[ 33.099726] Workqueue: events nf_tables_trans_destroy_work\n[ 33.100018] RIP: 0010:nf_tables_chain_destroy+0x23d/0x260\n[ 33.100306] Code: 8b 7c 24 68 e8 64 9c ed fe 4c 89 e7 e8 5c 9c ed fe 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 89 c6 89 c7 c3 cc cc cc cc \u003c0f\u003e 0b 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 89 c6 89 c7\n[ 33.101271] RSP: 0018:ffffc900004ffc48 EFLAGS: 00010202\n[ 33.101546] RAX: 0000000000000001 RBX: ffff888006fc0a28 RCX: 0000000000000000\n[ 33.101920] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n[ 33.102649] RBP: ffffc900004ffc78 R08: 0000000000000000 R09: 0000000000000000\n[ 33.103018] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880135ef500\n[ 33.103385] R13: 0000000000000000 R14: dead000000000122 R15: ffff888006fc0a10\n[ 33.103762] FS: 0000000000000000(0000) GS:ffff888024c80000(0000) knlGS:0000000000000000\n[ 33.104184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 33.104493] CR2: 00007fe863b56a50 CR3: 00000000124b0001 CR4: 0000000000770ee0\n[ 33.104872] PKRU: 55555554\n[ 33.104999] Call Trace:\n[ 33.105113] \u003cTASK\u003e\n[ 33.105214] ? show_regs+0x72/0x90\n[ 33.105371] ? __warn+0xa5/0x210\n[ 33.105520] ? nf_tables_chain_destroy+0x23d/0x260\n[ 33.105732] ? report_bug+0x1f2/0x200\n[ 33.105902] ? handle_bug+0x46/0x90\n[ 33.106546] ? exc_invalid_op+0x19/0x50\n[ 33.106762] ? asm_exc_invalid_op+0x1b/0x20\n[ 33.106995] ? nf_tables_chain_destroy+0x23d/0x260\n[ 33.107249] ? nf_tables_chain_destroy+0x30/0x260\n[ 33.107506] nf_tables_trans_destroy_work+0x669/0x680\n[ 33.107782] ? mark_held_locks+0x28/0xa0\n[ 33.107996] ? __pfx_nf_tables_trans_destroy_work+0x10/0x10\n[ 33.108294] ? _raw_spin_unlock_irq+0x28/0x70\n[ 33.108538] process_one_work+0x68c/0xb70\n[ 33.108755] ? lock_acquire+0x17f/0x420\n[ 33.108977] ? __pfx_process_one_work+0x10/0x10\n[ 33.109218] ? do_raw_spin_lock+0x128/0x1d0\n[ 33.109435] ? _raw_spin_lock_irq+0x71/0x80\n[ 33.109634] worker_thread+0x2bd/0x700\n[ 33.109817] ? __pfx_worker_thread+0x10/0x10\n[ 33.110254] kthread+0x18b/0x1d0\n[ 33.110410] ? __pfx_kthread+0x10/0x10\n[ 33.110581] ret_from_fork+0x29/0x50\n[ 33.110757] \u003c/TASK\u003e\n[ 33.110866] irq event stamp: 1651\n[ 33.111017] hardirqs last enabled at (1659): [\u003cffffffffa206a209\u003e] __up_console_sem+0x79/0xa0\n[ 33.111379] hardirqs last disabled at (1666): [\u003cffffffffa206a1ee\u003e] __up_console_sem+0x5e/0xa0\n[ 33.111740] softirqs last enabled at (1616): [\u003cffffffffa1f5d40e\u003e] __irq_exit_rcu+0x9e/0xe0\n[ 33.112094] softirqs last disabled at (1367): [\u003cffffffffa1f5d40e\u003e] __irq_exit_rcu+0x9e/0xe0\n[ 33.112453] ---[ end trace 0000000000000000 ]---\n\nThis is due to the nft_chain_lookup_byid ignoring the genmask. After this\nchange, adding the new rule will fail as it will not find the chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53492",
"url": "https://www.suse.com/security/cve/CVE-2023-53492"
},
{
"category": "external",
"summary": "SUSE Bug 1250823 for CVE-2023-53492",
"url": "https://bugzilla.suse.com/1250823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53492"
},
{
"cve": "CVE-2023-53493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53493"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: tighten bounds checking in decode_message()\n\nCopy the bounds checking from encode_message() to decode_message().\n\nThis patch addresses the following concerns. Ensure that there is\nenough space for at least one header so that we don\u0027t have a negative\nsize later.\n\n\tif (msg_hdr_len \u003c sizeof(*trans_hdr))\n\nEnsure that we have enough space to read the next header from the\nmsg-\u003edata.\n\n\tif (msg_len \u003e msg_hdr_len - sizeof(*trans_hdr))\n\t\treturn -EINVAL;\n\nCheck that the trans_hdr-\u003elen is not below the minimum size:\n\n\tif (hdr_len \u003c sizeof(*trans_hdr))\n\nThis minimum check ensures that we don\u0027t corrupt memory in\ndecode_passthrough() when we do.\n\n\tmemcpy(out_trans-\u003edata, in_trans-\u003edata, len - sizeof(in_trans-\u003ehdr));\n\nAnd finally, use size_add() to prevent an integer overflow:\n\n\tif (size_add(msg_len, hdr_len) \u003e msg_hdr_len)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53493",
"url": "https://www.suse.com/security/cve/CVE-2023-53493"
},
{
"category": "external",
"summary": "SUSE Bug 1250820 for CVE-2023-53493",
"url": "https://bugzilla.suse.com/1250820"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53493"
},
{
"cve": "CVE-2023-53495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mvpp2_main: fix possible OOB write in mvpp2_ethtool_get_rxnfc()\n\nrules is allocated in ethtool_get_rxnfc and the size is determined by\nrule_cnt from user space. So rule_cnt needs to be check before using\nrules to avoid OOB writing or NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53495",
"url": "https://www.suse.com/security/cve/CVE-2023-53495"
},
{
"category": "external",
"summary": "SUSE Bug 1250907 for CVE-2023-53495",
"url": "https://bugzilla.suse.com/1250907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53495"
},
{
"cve": "CVE-2023-53496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/platform/uv: Use alternate source for socket to node data\n\nThe UV code attempts to build a set of tables to allow it to do\nbidirectional socket\u003c=\u003enode lookups.\n\nBut when nr_cpus is set to a smaller number than actually present, the\ncpu_to_node() mapping information for unused CPUs is not available to\nbuild_socket_tables(). This results in skipping some nodes or sockets\nwhen creating the tables and leaving some -1\u0027s for later code to trip.\nover, causing oopses.\n\nThe problem is that the socket\u003c=\u003enode lookups are created by doing a\nloop over all CPUs, then looking up the CPU\u0027s APICID and socket. But\nif a CPU is not present, there is no way to start this lookup.\n\nInstead of looping over all CPUs, take CPUs out of the equation\nentirely. Loop over all APICIDs which are mapped to a valid NUMA node.\nThen just extract the socket-id from the APICID.\n\nThis avoid tripping over disabled CPUs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53496",
"url": "https://www.suse.com/security/cve/CVE-2023-53496"
},
{
"category": "external",
"summary": "SUSE Bug 1250905 for CVE-2023-53496",
"url": "https://bugzilla.suse.com/1250905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53496"
},
{
"cve": "CVE-2023-53500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: fix slab-use-after-free in decode_session6\n\nWhen the xfrm device is set to the qdisc of the sfb type, the cb field\nof the sent skb may be modified during enqueuing. Then,\nslab-use-after-free may occur when the xfrm device sends IPv6 packets.\n\nThe stack information is as follows:\nBUG: KASAN: slab-use-after-free in decode_session6+0x103f/0x1890\nRead of size 1 at addr ffff8881111458ef by task swapper/3/0\nCPU: 3 PID: 0 Comm: swapper/3 Not tainted 6.4.0-next-20230707 #409\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014\nCall Trace:\n\u003cIRQ\u003e\ndump_stack_lvl+0xd9/0x150\nprint_address_description.constprop.0+0x2c/0x3c0\nkasan_report+0x11d/0x130\ndecode_session6+0x103f/0x1890\n__xfrm_decode_session+0x54/0xb0\nxfrmi_xmit+0x173/0x1ca0\ndev_hard_start_xmit+0x187/0x700\nsch_direct_xmit+0x1a3/0xc30\n__qdisc_run+0x510/0x17a0\n__dev_queue_xmit+0x2215/0x3b10\nneigh_connected_output+0x3c2/0x550\nip6_finish_output2+0x55a/0x1550\nip6_finish_output+0x6b9/0x1270\nip6_output+0x1f1/0x540\nndisc_send_skb+0xa63/0x1890\nndisc_send_rs+0x132/0x6f0\naddrconf_rs_timer+0x3f1/0x870\ncall_timer_fn+0x1a0/0x580\nexpire_timers+0x29b/0x4b0\nrun_timer_softirq+0x326/0x910\n__do_softirq+0x1d4/0x905\nirq_exit_rcu+0xb7/0x120\nsysvec_apic_timer_interrupt+0x97/0xc0\n\u003c/IRQ\u003e\n\u003cTASK\u003e\nasm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:intel_idle_hlt+0x23/0x30\nCode: 1f 84 00 00 00 00 00 f3 0f 1e fa 41 54 41 89 d4 0f 1f 44 00 00 66 90 0f 1f 44 00 00 0f 00 2d c4 9f ab 00 0f 1f 44 00 00 fb f4 \u003cfa\u003e 44 89 e0 41 5c c3 66 0f 1f 44 00 00 f3 0f 1e fa 41 54 41 89 d4\nRSP: 0018:ffffc90000197d78 EFLAGS: 00000246\nRAX: 00000000000a83c3 RBX: ffffe8ffffd09c50 RCX: ffffffff8a22d8e5\nRDX: 0000000000000001 RSI: ffffffff8d3f8080 RDI: ffffe8ffffd09c50\nRBP: ffffffff8d3f8080 R08: 0000000000000001 R09: ffffed1026ba6d9d\nR10: ffff888135d36ceb R11: 0000000000000001 R12: 0000000000000001\nR13: ffffffff8d3f8100 R14: 0000000000000001 R15: 0000000000000000\ncpuidle_enter_state+0xd3/0x6f0\ncpuidle_enter+0x4e/0xa0\ndo_idle+0x2fe/0x3c0\ncpu_startup_entry+0x18/0x20\nstart_secondary+0x200/0x290\nsecondary_startup_64_no_verify+0x167/0x16b\n\u003c/TASK\u003e\nAllocated by task 939:\nkasan_save_stack+0x22/0x40\nkasan_set_track+0x25/0x30\n__kasan_slab_alloc+0x7f/0x90\nkmem_cache_alloc_node+0x1cd/0x410\nkmalloc_reserve+0x165/0x270\n__alloc_skb+0x129/0x330\ninet6_ifa_notify+0x118/0x230\n__ipv6_ifa_notify+0x177/0xbe0\naddrconf_dad_completed+0x133/0xe00\naddrconf_dad_work+0x764/0x1390\nprocess_one_work+0xa32/0x16f0\nworker_thread+0x67d/0x10c0\nkthread+0x344/0x440\nret_from_fork+0x1f/0x30\nThe buggy address belongs to the object at ffff888111145800\nwhich belongs to the cache skbuff_small_head of size 640\nThe buggy address is located 239 bytes inside of\nfreed 640-byte region [ffff888111145800, ffff888111145a80)\n\nAs commit f855691975bb (\"xfrm6: Fix the nexthdr offset in\n_decode_session6.\") showed, xfrm_decode_session was originally intended\nonly for the receive path. IP6CB(skb)-\u003enhoff is not set during\ntransmission. Therefore, set the cb field in the skb to 0 before\nsending packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53500",
"url": "https://www.suse.com/security/cve/CVE-2023-53500"
},
{
"category": "external",
"summary": "SUSE Bug 1250816 for CVE-2023-53500",
"url": "https://bugzilla.suse.com/1250816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53500"
},
{
"cve": "CVE-2023-53501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53501"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind\n\nWhen unbinding pasid - a race condition exists vs outstanding page faults.\n\nTo prevent this, the pasid_state object contains a refcount.\n * set to 1 on pasid bind\n * incremented on each ppr notification start\n * decremented on each ppr notification done\n * decremented on pasid unbind\n\nSince refcount_dec assumes that refcount will never reach 0:\n the current implementation causes the following to be invoked on\n pasid unbind:\n REFCOUNT_WARN(\"decrement hit 0; leaking memory\")\n\nFix this issue by changing refcount_dec to refcount_dec_and_test\nto explicitly handle refcount=1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53501",
"url": "https://www.suse.com/security/cve/CVE-2023-53501"
},
{
"category": "external",
"summary": "SUSE Bug 1250815 for CVE-2023-53501",
"url": "https://bugzilla.suse.com/1250815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53501"
},
{
"cve": "CVE-2023-53504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53504"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Properly order ib_device_unalloc() to avoid UAF\n\nib_dealloc_device() should be called only after device cleanup. Fix the\ndealloc sequence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53504",
"url": "https://www.suse.com/security/cve/CVE-2023-53504"
},
{
"category": "external",
"summary": "SUSE Bug 1250813 for CVE-2023-53504",
"url": "https://bugzilla.suse.com/1250813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53504"
},
{
"cve": "CVE-2023-53505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53505"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: tegra: tegra124-emc: Fix potential memory leak\n\nThe tegra and tegra needs to be freed in the error handling path, otherwise\nit will be leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53505",
"url": "https://www.suse.com/security/cve/CVE-2023-53505"
},
{
"category": "external",
"summary": "SUSE Bug 1250807 for CVE-2023-53505",
"url": "https://bugzilla.suse.com/1250807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53505"
},
{
"cve": "CVE-2023-53507",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53507"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Unregister devlink params in case interface is down\n\nCurrently, in case an interface is down, mlx5 driver doesn\u0027t\nunregister its devlink params, which leads to this WARN[1].\nFix it by unregistering devlink params in that case as well.\n\n[1]\n[ 295.244769 ] WARNING: CPU: 15 PID: 1 at net/core/devlink.c:9042 devlink_free+0x174/0x1fc\n[ 295.488379 ] CPU: 15 PID: 1 Comm: shutdown Tainted: G S OE 5.15.0-1017.19.3.g0677e61-bluefield #g0677e61\n[ 295.509330 ] Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.2.0.12761 Jun 6 2023\n[ 295.543096 ] pc : devlink_free+0x174/0x1fc\n[ 295.551104 ] lr : mlx5_devlink_free+0x18/0x2c [mlx5_core]\n[ 295.561816 ] sp : ffff80000809b850\n[ 295.711155 ] Call trace:\n[ 295.716030 ] devlink_free+0x174/0x1fc\n[ 295.723346 ] mlx5_devlink_free+0x18/0x2c [mlx5_core]\n[ 295.733351 ] mlx5_sf_dev_remove+0x98/0xb0 [mlx5_core]\n[ 295.743534 ] auxiliary_bus_remove+0x2c/0x50\n[ 295.751893 ] __device_release_driver+0x19c/0x280\n[ 295.761120 ] device_release_driver+0x34/0x50\n[ 295.769649 ] bus_remove_device+0xdc/0x170\n[ 295.777656 ] device_del+0x17c/0x3a4\n[ 295.784620 ] mlx5_sf_dev_remove+0x28/0xf0 [mlx5_core]\n[ 295.794800 ] mlx5_sf_dev_table_destroy+0x98/0x110 [mlx5_core]\n[ 295.806375 ] mlx5_unload+0x34/0xd0 [mlx5_core]\n[ 295.815339 ] mlx5_unload_one+0x70/0xe4 [mlx5_core]\n[ 295.824998 ] shutdown+0xb0/0xd8 [mlx5_core]\n[ 295.833439 ] pci_device_shutdown+0x3c/0xa0\n[ 295.841651 ] device_shutdown+0x170/0x340\n[ 295.849486 ] __do_sys_reboot+0x1f4/0x2a0\n[ 295.857322 ] __arm64_sys_reboot+0x2c/0x40\n[ 295.865329 ] invoke_syscall+0x78/0x100\n[ 295.872817 ] el0_svc_common.constprop.0+0x54/0x184\n[ 295.882392 ] do_el0_svc+0x30/0xac\n[ 295.889008 ] el0_svc+0x48/0x160\n[ 295.895278 ] el0t_64_sync_handler+0xa4/0x130\n[ 295.903807 ] el0t_64_sync+0x1a4/0x1a8\n[ 295.911120 ] ---[ end trace 4f1d2381d00d9dce ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53507",
"url": "https://www.suse.com/security/cve/CVE-2023-53507"
},
{
"category": "external",
"summary": "SUSE Bug 1250808 for CVE-2023-53507",
"url": "https://bugzilla.suse.com/1250808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53507"
},
{
"cve": "CVE-2023-53508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53508"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nublk: fail to start device if queue setup is interrupted\n\nIn ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is\ninterrupted by signal, queues aren\u0027t setup successfully yet, so we\nhave to fail UBLK_CMD_START_DEV, otherwise kernel oops can be triggered.\n\nReported by German when working on qemu-storage-deamon which requires\nsingle thread ublk daemon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53508",
"url": "https://www.suse.com/security/cve/CVE-2023-53508"
},
{
"category": "external",
"summary": "SUSE Bug 1250809 for CVE-2023-53508",
"url": "https://bugzilla.suse.com/1250809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53508"
},
{
"cve": "CVE-2023-53510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix handling of lrbp-\u003ecmd\n\nufshcd_queuecommand() may be called two times in a row for a SCSI command\nbefore it is completed. Hence make the following changes:\n\n - In the functions that submit a command, do not check the old value of\n lrbp-\u003ecmd nor clear lrbp-\u003ecmd in error paths.\n\n - In ufshcd_release_scsi_cmd(), do not clear lrbp-\u003ecmd.\n\nSee also scsi_send_eh_cmnd().\n\nThis commit prevents that the following appears if a command times out:\n\nWARNING: at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8\nCall trace:\n ufshcd_queuecommand+0x6f8/0x9a8\n scsi_send_eh_cmnd+0x2c0/0x960\n scsi_eh_test_devices+0x100/0x314\n scsi_eh_ready_devs+0xd90/0x114c\n scsi_error_handler+0x2b4/0xb70\n kthread+0x16c/0x1e0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53510",
"url": "https://www.suse.com/security/cve/CVE-2023-53510"
},
{
"category": "external",
"summary": "SUSE Bug 1250812 for CVE-2023-53510",
"url": "https://bugzilla.suse.com/1250812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53510"
},
{
"cve": "CVE-2023-53515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-mmio: don\u0027t break lifecycle of vm_dev\n\nvm_dev has a separate lifecycle because it has a \u0027struct device\u0027\nembedded. Thus, having a release callback for it is correct.\n\nAllocating the vm_dev struct with devres totally breaks this protection,\nthough. Instead of waiting for the vm_dev release callback, the memory\nis freed when the platform_device is removed. Resulting in a\nuse-after-free when finally the callback is to be called.\n\nTo easily see the problem, compile the kernel with\nCONFIG_DEBUG_KOBJECT_RELEASE and unbind with sysfs.\n\nThe fix is easy, don\u0027t use devres in this case.\n\nFound during my research about object lifetime problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53515",
"url": "https://www.suse.com/security/cve/CVE-2023-53515"
},
{
"category": "external",
"summary": "SUSE Bug 1250917 for CVE-2023-53515",
"url": "https://bugzilla.suse.com/1250917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53515"
},
{
"cve": "CVE-2023-53516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF\n\nThe previous commit 954d1fa1ac93 (\"macvlan: Add netlink attribute for\nbroadcast cutoff\") added one additional attribute named\nIFLA_MACVLAN_BC_CUTOFF to allow broadcast cutfoff.\n\nHowever, it forgot to describe the nla_policy at macvlan_policy\n(drivers/net/macvlan.c). Hence, this suppose NLA_S32 (4 bytes) integer\ncan be faked as empty (0 bytes) by a malicious user, which could leads\nto OOB in heap just like CVE-2023-3773.\n\nTo fix it, this commit just completes the nla_policy description for\nIFLA_MACVLAN_BC_CUTOFF. This enforces the length check and avoids the\npotential OOB read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53516",
"url": "https://www.suse.com/security/cve/CVE-2023-53516"
},
{
"category": "external",
"summary": "SUSE Bug 1250918 for CVE-2023-53516",
"url": "https://bugzilla.suse.com/1250918"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53516"
},
{
"cve": "CVE-2023-53518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix leak in devfreq_dev_release()\n\nsrcu_init_notifier_head() allocates resources that need to be released\nwith a srcu_cleanup_notifier_head() call.\n\nReported by kmemleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53518",
"url": "https://www.suse.com/security/cve/CVE-2023-53518"
},
{
"category": "external",
"summary": "SUSE Bug 1250923 for CVE-2023-53518",
"url": "https://bugzilla.suse.com/1250923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53518"
},
{
"cve": "CVE-2023-53519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53519"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-mem2mem: add lock to protect parameter num_rdy\n\nGetting below error when using KCSAN to check the driver. Adding lock to\nprotect parameter num_rdy when getting the value with function:\nv4l2_m2m_num_src_bufs_ready/v4l2_m2m_num_dst_bufs_ready.\n\nkworker/u16:3: [name:report\u0026]BUG: KCSAN: data-race in v4l2_m2m_buf_queue\nkworker/u16:3: [name:report\u0026]\n\nkworker/u16:3: [name:report\u0026]read-write to 0xffffff8105f35b94 of 1 bytes by task 20865 on cpu 7:\nkworker/u16:3: v4l2_m2m_buf_queue+0xd8/0x10c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53519",
"url": "https://www.suse.com/security/cve/CVE-2023-53519"
},
{
"category": "external",
"summary": "SUSE Bug 1250964 for CVE-2023-53519",
"url": "https://bugzilla.suse.com/1250964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53519"
},
{
"cve": "CVE-2023-53520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix hci_suspend_sync crash\n\nIf hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier\nmay still be accessing it, it can cause the program to crash.\nHere\u0027s the call trace:\n \u003c4\u003e[102152.653246] Call Trace:\n \u003c4\u003e[102152.653254] hci_suspend_sync+0x109/0x301 [bluetooth]\n \u003c4\u003e[102152.653259] hci_suspend_dev+0x78/0xcd [bluetooth]\n \u003c4\u003e[102152.653263] hci_suspend_notifier+0x42/0x7a [bluetooth]\n \u003c4\u003e[102152.653268] notifier_call_chain+0x43/0x6b\n \u003c4\u003e[102152.653271] __blocking_notifier_call_chain+0x48/0x69\n \u003c4\u003e[102152.653273] __pm_notifier_call_chain+0x22/0x39\n \u003c4\u003e[102152.653276] pm_suspend+0x287/0x57c\n \u003c4\u003e[102152.653278] state_store+0xae/0xe5\n \u003c4\u003e[102152.653281] kernfs_fop_write+0x109/0x173\n \u003c4\u003e[102152.653284] __vfs_write+0x16f/0x1a2\n \u003c4\u003e[102152.653287] ? selinux_file_permission+0xca/0x16f\n \u003c4\u003e[102152.653289] ? security_file_permission+0x36/0x109\n \u003c4\u003e[102152.653291] vfs_write+0x114/0x21d\n \u003c4\u003e[102152.653293] __x64_sys_write+0x7b/0xdb\n \u003c4\u003e[102152.653296] do_syscall_64+0x59/0x194\n \u003c4\u003e[102152.653299] entry_SYSCALL_64_after_hwframe+0x5c/0xc1\n\nThis patch holds the reference count of the hci_dev object while\nprocessing it in hci_suspend_notifier to avoid potential crash\ncaused by the race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53520",
"url": "https://www.suse.com/security/cve/CVE-2023-53520"
},
{
"category": "external",
"summary": "SUSE Bug 1250957 for CVE-2023-53520",
"url": "https://bugzilla.suse.com/1250957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2023-53520"
},
{
"cve": "CVE-2023-53523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53523"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: gs_usb: fix time stamp counter initialization\n\nIf the gs_usb device driver is unloaded (or unbound) before the\ninterface is shut down, the USB stack first calls the struct\nusb_driver::disconnect and then the struct net_device_ops::ndo_stop\ncallback.\n\nIn gs_usb_disconnect() all pending bulk URBs are killed, i.e. no more\nRX\u0027ed CAN frames are send from the USB device to the host. Later in\ngs_can_close() a reset control message is send to each CAN channel to\nremove the controller from the CAN bus. In this race window the USB\ndevice can still receive CAN frames from the bus and internally queue\nthem to be send to the host.\n\nAt least in the current version of the candlelight firmware, the queue\nof received CAN frames is not emptied during the reset command. After\nloading (or binding) the gs_usb driver, new URBs are submitted during\nthe struct net_device_ops::ndo_open callback and the candlelight\nfirmware starts sending its already queued CAN frames to the host.\n\nHowever, this scenario was not considered when implementing the\nhardware timestamp function. The cycle counter/time counter\ninfrastructure is set up (gs_usb_timestamp_init()) after the USBs are\nsubmitted, resulting in a NULL pointer dereference if\ntimecounter_cyc2time() (via the call chain:\ngs_usb_receive_bulk_callback() -\u003e gs_usb_set_timestamp() -\u003e\ngs_usb_skb_set_timestamp()) is called too early.\n\nMove the gs_usb_timestamp_init() function before the URBs are\nsubmitted to fix this problem.\n\nFor a comprehensive solution, we need to consider gs_usb devices with\nmore than 1 channel. The cycle counter/time counter infrastructure is\nsetup per channel, but the RX URBs are per device. Once gs_can_open()\nof _a_ channel has been called, and URBs have been submitted, the\ngs_usb_receive_bulk_callback() can be called for _all_ available\nchannels, even for channels that are not running, yet. As cycle\ncounter/time counter has not set up, this will again lead to a NULL\npointer dereference.\n\nConvert the cycle counter/time counter from a \"per channel\" to a \"per\ndevice\" functionality. Also set it up, before submitting any URBs to\nthe device.\n\nFurther in gs_usb_receive_bulk_callback(), don\u0027t process any URBs for\nnot started CAN channels, only resubmit the URB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53523",
"url": "https://www.suse.com/security/cve/CVE-2023-53523"
},
{
"category": "external",
"summary": "SUSE Bug 1250926 for CVE-2023-53523",
"url": "https://bugzilla.suse.com/1250926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53523"
},
{
"cve": "CVE-2023-53526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: check \u0027jh-\u003eb_transaction\u0027 before removing it from checkpoint\n\nFollowing process will corrupt ext4 image:\nStep 1:\njbd2_journal_commit_transaction\n __jbd2_journal_insert_checkpoint(jh, commit_transaction)\n // Put jh into trans1-\u003et_checkpoint_list\n journal-\u003ej_checkpoint_transactions = commit_transaction\n // Put trans1 into journal-\u003ej_checkpoint_transactions\n\nStep 2:\ndo_get_write_access\n test_clear_buffer_dirty(bh) // clear buffer dirty\uff0cset jbd dirty\n __jbd2_journal_file_buffer(jh, transaction) // jh belongs to trans2\n\nStep 3:\ndrop_cache\n journal_shrink_one_cp_list\n jbd2_journal_try_remove_checkpoint\n if (!trylock_buffer(bh)) // lock bh, true\n if (buffer_dirty(bh)) // buffer is not dirty\n __jbd2_journal_remove_checkpoint(jh)\n // remove jh from trans1-\u003et_checkpoint_list\n\nStep 4:\njbd2_log_do_checkpoint\n trans1 = journal-\u003ej_checkpoint_transactions\n // jh is not in trans1-\u003et_checkpoint_list\n jbd2_cleanup_journal_tail(journal) // trans1 is done\n\nStep 5: Power cut, trans2 is not committed, jh is lost in next mounting.\n\nFix it by checking \u0027jh-\u003eb_transaction\u0027 before remove it from checkpoint.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53526",
"url": "https://www.suse.com/security/cve/CVE-2023-53526"
},
{
"category": "external",
"summary": "SUSE Bug 1250928 for CVE-2023-53526",
"url": "https://bugzilla.suse.com/1250928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53526"
},
{
"cve": "CVE-2023-53527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Fix memory leak in tb_handle_dp_bandwidth_request()\n\nThe memory allocated in tb_queue_dp_bandwidth_request() needs to be\nreleased once the request is handled to avoid leaking it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53527",
"url": "https://www.suse.com/security/cve/CVE-2023-53527"
},
{
"category": "external",
"summary": "SUSE Bug 1250929 for CVE-2023-53527",
"url": "https://bugzilla.suse.com/1250929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2023-53527"
},
{
"cve": "CVE-2023-53528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix unsafe drain work queue code\n\nIf create_qp does not fully succeed it is possible for qp cleanup\ncode to attempt to drain the send or recv work queues before the\nqueues have been created causing a seg fault. This patch checks\nto see if the queues exist before attempting to drain them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53528",
"url": "https://www.suse.com/security/cve/CVE-2023-53528"
},
{
"category": "external",
"summary": "SUSE Bug 1250930 for CVE-2023-53528",
"url": "https://bugzilla.suse.com/1250930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53528"
},
{
"cve": "CVE-2023-53530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id()\n\nThe following call trace was observed:\n\nlocalhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete\nlocalhost kernel: BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u129:4/75092\nlocalhost kernel: nvme nvme0: NVME-FC{0}: new ctrl: NQN \"nqn.1992-08.com.netapp:sn.b42d198afb4d11ecad6d00a098d6abfa:subsystem.PR_Channel2022_RH84_subsystem_291\"\nlocalhost kernel: caller is qla_nvme_post_cmd+0x216/0x1380 [qla2xxx]\nlocalhost kernel: CPU: 6 PID: 75092 Comm: kworker/u129:4 Kdump: loaded Tainted: G B W OE --------- --- 5.14.0-70.22.1.el9_0.x86_64+debug #1\nlocalhost kernel: Hardware name: HPE ProLiant XL420 Gen10/ProLiant XL420 Gen10, BIOS U39 01/13/2022\nlocalhost kernel: Workqueue: nvme-wq nvme_async_event_work [nvme_core]\nlocalhost kernel: Call Trace:\nlocalhost kernel: dump_stack_lvl+0x57/0x7d\nlocalhost kernel: check_preemption_disabled+0xc8/0xd0\nlocalhost kernel: qla_nvme_post_cmd+0x216/0x1380 [qla2xxx]\n\nUse raw_smp_processor_id() instead of smp_processor_id().\n\nAlso use queue_work() across the driver instead of queue_work_on() thus\navoiding usage of smp_processor_id() when CONFIG_DEBUG_PREEMPT is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53530",
"url": "https://www.suse.com/security/cve/CVE-2023-53530"
},
{
"category": "external",
"summary": "SUSE Bug 1250949 for CVE-2023-53530",
"url": "https://bugzilla.suse.com/1250949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53530"
},
{
"cve": "CVE-2023-53531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix poll request timeout handling\n\nWhen doing io_uring benchmark on /dev/nullb0, it\u0027s easy to crash the\nkernel if poll requests timeout triggered, as reported by David. [1]\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nWorkqueue: kblockd blk_mq_timeout_work\nRIP: 0010:null_timeout_rq+0x4e/0x91\nCall Trace:\n ? null_timeout_rq+0x4e/0x91\n blk_mq_handle_expired+0x31/0x4b\n bt_iter+0x68/0x84\n ? bt_tags_iter+0x81/0x81\n __sbitmap_for_each_set.constprop.0+0xb0/0xf2\n ? __blk_mq_complete_request_remote+0xf/0xf\n bt_for_each+0x46/0x64\n ? __blk_mq_complete_request_remote+0xf/0xf\n ? percpu_ref_get_many+0xc/0x2a\n blk_mq_queue_tag_busy_iter+0x14d/0x18e\n blk_mq_timeout_work+0x95/0x127\n process_one_work+0x185/0x263\n worker_thread+0x1b5/0x227\n\nThis is indeed a race problem between null_timeout_rq() and null_poll().\n\nnull_poll()\t\t\t\tnull_timeout_rq()\n spin_lock(\u0026nq-\u003epoll_lock)\n list_splice_init(\u0026nq-\u003epoll_list, \u0026list)\n spin_unlock(\u0026nq-\u003epoll_lock)\n\n while (!list_empty(\u0026list))\n req = list_first_entry()\n list_del_init()\n ...\n blk_mq_add_to_batch()\n // req-\u003erq_next = NULL\n\t\t\t\t\tspin_lock(\u0026nq-\u003epoll_lock)\n\n\t\t\t\t\t// rq-\u003equeuelist-\u003enext == NULL\n\t\t\t\t\tlist_del_init(\u0026rq-\u003equeuelist)\n\n\t\t\t\t\tspin_unlock(\u0026nq-\u003epoll_lock)\n\nFix these problems by setting requests state to MQ_RQ_COMPLETE under\nnq-\u003epoll_lock protection, in which null_timeout_rq() can safely detect\nthis race and early return.\n\nNote this patch just fix the kernel panic when request timeout happen.\n\n[1] https://lore.kernel.org/all/3893581.1691785261@warthog.procyon.org.uk/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53531",
"url": "https://www.suse.com/security/cve/CVE-2023-53531"
},
{
"category": "external",
"summary": "SUSE Bug 1250931 for CVE-2023-53531",
"url": "https://bugzilla.suse.com/1250931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2023-53531"
},
{
"cve": "CVE-2024-26584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26584"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: handle backlogging of crypto requests\n\nSince we\u0027re setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our\nrequests to the crypto API, crypto_aead_{encrypt,decrypt} can return\n -EBUSY instead of -EINPROGRESS in valid situations. For example, when\nthe cryptd queue for AESNI is full (easy to trigger with an\nartificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued\nto the backlog but still processed. In that case, the async callback\nwill also be called twice: first with err == -EINPROGRESS, which it\nseems we can just ignore, then with err == 0.\n\nCompared to Sabrina\u0027s original patch this version uses the new\ntls_*crypt_async_wait() helpers and converts the EBUSY to\nEINPROGRESS to avoid having to modify all the error handling\npaths. The handling is identical.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26584",
"url": "https://www.suse.com/security/cve/CVE-2024-26584"
},
{
"category": "external",
"summary": "SUSE Bug 1220186 for CVE-2024-26584",
"url": "https://bugzilla.suse.com/1220186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2024-26584"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 \u0026= 0x7fffffff after verifier r0 \u0026= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 \u003c 10 goto +0 --------------\u003e r11 = 0x2f5674a6 (r)\n 4: r1 \u003e\u003e= 32 r11 \u003c\u003c= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 \u003c 0xa goto pc+0\n r1 \u003e\u003e= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53125",
"url": "https://www.suse.com/security/cve/CVE-2024-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1234156 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "external",
"summary": "SUSE Bug 1245804 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1245804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2024-53125"
},
{
"cve": "CVE-2024-58090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Prevent rescheduling when interrupts are disabled\n\nDavid reported a warning observed while loop testing kexec jump:\n\n Interrupts enabled after irqrouter_resume+0x0/0x50\n WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscore_resume+0x18a/0x220\n kernel_kexec+0xf6/0x180\n __do_sys_reboot+0x206/0x250\n do_syscall_64+0x95/0x180\n\nThe corresponding interrupt flag trace:\n\n hardirqs last enabled at (15573): [\u003cffffffffa8281b8e\u003e] __up_console_sem+0x7e/0x90\n hardirqs last disabled at (15580): [\u003cffffffffa8281b73\u003e] __up_console_sem+0x63/0x90\n\nThat means __up_console_sem() was invoked with interrupts enabled. Further\ninstrumentation revealed that in the interrupt disabled section of kexec\njump one of the syscore_suspend() callbacks woke up a task, which set the\nNEED_RESCHED flag. A later callback in the resume path invoked\ncond_resched() which in turn led to the invocation of the scheduler:\n\n __cond_resched+0x21/0x60\n down_timeout+0x18/0x60\n acpi_os_wait_semaphore+0x4c/0x80\n acpi_ut_acquire_mutex+0x3d/0x100\n acpi_ns_get_node+0x27/0x60\n acpi_ns_evaluate+0x1cb/0x2d0\n acpi_rs_set_srs_method_data+0x156/0x190\n acpi_pci_link_set+0x11c/0x290\n irqrouter_resume+0x54/0x60\n syscore_resume+0x6a/0x200\n kernel_kexec+0x145/0x1c0\n __do_sys_reboot+0xeb/0x240\n do_syscall_64+0x95/0x180\n\nThis is a long standing problem, which probably got more visible with\nthe recent printk changes. Something does a task wakeup and the\nscheduler sets the NEED_RESCHED flag. cond_resched() sees it set and\ninvokes schedule() from a completely bogus context. The scheduler\nenables interrupts after context switching, which causes the above\nwarning at the end.\n\nQuite some of the code paths in syscore_suspend()/resume() can result in\ntriggering a wakeup with the exactly same consequences. They might not\nhave done so yet, but as they share a lot of code with normal operations\nit\u0027s just a question of time.\n\nThe problem only affects the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling\nmodels. Full preemption is not affected as cond_resched() is disabled and\nthe preemption check preemptible() takes the interrupt disabled flag into\naccount.\n\nCure the problem by adding a corresponding check into cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58090",
"url": "https://www.suse.com/security/cve/CVE-2024-58090"
},
{
"category": "external",
"summary": "SUSE Bug 1240324 for CVE-2024-58090",
"url": "https://bugzilla.suse.com/1240324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2024-58090"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2024-58240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: separate no-async decryption request handling from async\n\nIf we\u0027re not doing async, the handling is much simpler. There\u0027s no\nreference counting, we just need to wait for the completion to wake us\nup and return its result.\n\nWe should preferably also use a separate crypto_wait. I\u0027m not seeing a\nUAF as I did in the past, I think aec7961916f3 (\"tls: fix race between\nasync notify and socket close\") took care of it.\n\nThis will make the next fix easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58240",
"url": "https://www.suse.com/security/cve/CVE-2024-58240"
},
{
"category": "external",
"summary": "SUSE Bug 1248847 for CVE-2024-58240",
"url": "https://bugzilla.suse.com/1248847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2024-58240"
},
{
"cve": "CVE-2025-22022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Apply the link chain quirk on NEC isoc endpoints\n\nTwo clearly different specimens of NEC uPD720200 (one with start/stop\nbug, one without) were seen to cause IOMMU faults after some Missed\nService Errors. Faulting address is immediately after a transfer ring\nsegment and patched dynamic debug messages revealed that the MSE was\nreceived when waiting for a TD near the end of that segment:\n\n[ 1.041954] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ffa08fe0\n[ 1.042120] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09000 flags=0x0000]\n[ 1.042146] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09040 flags=0x0000]\n\nIt gets even funnier if the next page is a ring segment accessible to\nthe HC. Below, it reports MSE in segment at ff1e8000, plows through a\nzero-filled page at ff1e9000 and starts reporting events for TRBs in\npage at ff1ea000 every microframe, instead of jumping to seg ff1e6000.\n\n[ 7.041671] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.041999] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.042011] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042028] xhci_hcd: All TDs skipped for slot 1 ep 2. Clear skip flag.\n[ 7.042134] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042138] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042144] xhci_hcd: Looking for event-dma 00000000ff1ea040 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.042259] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042262] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042266] xhci_hcd: Looking for event-dma 00000000ff1ea050 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n\nAt some point completion events change from Isoch Buffer Overrun to\nShort Packet and the HC finally finds cycle bit mismatch in ff1ec000.\n\n[ 7.098130] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098132] xhci_hcd: Looking for event-dma 00000000ff1ecc50 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098254] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098256] xhci_hcd: Looking for event-dma 00000000ff1ecc60 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098379] xhci_hcd: Overrun event on slot 1 ep 2\n\nIt\u0027s possible that data from the isochronous device were written to\nrandom buffers of pending TDs on other endpoints (either IN or OUT),\nother devices or even other HCs in the same IOMMU domain.\n\nLastly, an error from a different USB device on another HC. Was it\ncaused by the above? I don\u0027t know, but it may have been. The disk\nwas working without any other issues and generated PCIe traffic to\nstarve the NEC of upstream BW and trigger those MSEs. The two HCs\nshared one x1 slot by means of a commercial \"PCIe splitter\" board.\n\n[ 7.162604] usb 10-2: reset SuperSpeed USB device number 3 using xhci_hcd\n[ 7.178990] sd 9:0:0:0: [sdb] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x07 driverbyte=DRIVER_OK cmd_age=0s\n[ 7.179001] sd 9:0:0:0: [sdb] tag#0 CDB: opcode=0x28 28 00 04 02 ae 00 00 02 00 00\n[ 7.179004] I/O error, dev sdb, sector 67284480 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0\n\nFortunately, it appears that this ridiculous bug is avoided by setting\nthe chain bit of Link TRBs on isochronous rings. Other ancient HCs are\nknown which also expect the bit to be set and they ignore Link TRBs if\nit\u0027s not. Reportedly, 0.95 spec guaranteed that the bit is set.\n\nThe bandwidth-starved NEC HC running a 32KB/uframe UVC endpoint reports\ntens of MSEs per second and runs into the bug within seconds. Chaining\nLink TRBs allows the same workload to run for many minutes, many times.\n\nNo ne\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22022",
"url": "https://www.suse.com/security/cve/CVE-2025-22022"
},
{
"category": "external",
"summary": "SUSE Bug 1241292 for CVE-2025-22022",
"url": "https://bugzilla.suse.com/1241292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-22022"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: ufs: Fix a hang in the error handler\n\nufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter\nfunction can only succeed if UFSHCD_EH_IN_PROGRESS is not set because\nresuming involves submitting a SCSI command and ufshcd_queuecommand()\nreturns SCSI_MLQUEUE_HOST_BUSY if UFSHCD_EH_IN_PROGRESS is set. Fix this\nhang by setting UFSHCD_EH_IN_PROGRESS after ufshcd_rpm_get_sync() has\nbeen called instead of before.\n\nBacktrace:\n__switch_to+0x174/0x338\n__schedule+0x600/0x9e4\nschedule+0x7c/0xe8\nschedule_timeout+0xa4/0x1c8\nio_schedule_timeout+0x48/0x70\nwait_for_common_io+0xa8/0x160 //waiting on START_STOP\nwait_for_completion_io_timeout+0x10/0x20\nblk_execute_rq+0xe4/0x1e4\nscsi_execute_cmd+0x108/0x244\nufshcd_set_dev_pwr_mode+0xe8/0x250\n__ufshcd_wl_resume+0x94/0x354\nufshcd_wl_runtime_resume+0x3c/0x174\nscsi_runtime_resume+0x64/0xa4\nrpm_resume+0x15c/0xa1c\n__pm_runtime_resume+0x4c/0x90 // Runtime resume ongoing\nufshcd_err_handler+0x1a0/0xd08\nprocess_one_work+0x174/0x808\nworker_thread+0x15c/0x490\nkthread+0xf4/0x1ec\nret_from_fork+0x10/0x20\n\n[ bvanassche: rewrote patch description ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38119",
"url": "https://www.suse.com/security/cve/CVE-2025-38119"
},
{
"category": "external",
"summary": "SUSE Bug 1245700 for CVE-2025-38119",
"url": "https://bugzilla.suse.com/1245700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38119"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/rt: Fix race in push_rt_task\n\nOverview\n========\nWhen a CPU chooses to call push_rt_task and picks a task to push to\nanother CPU\u0027s runqueue then it will call find_lock_lowest_rq method\nwhich would take a double lock on both CPUs\u0027 runqueues. If one of the\nlocks aren\u0027t readily available, it may lead to dropping the current\nrunqueue lock and reacquiring both the locks at once. During this window\nit is possible that the task is already migrated and is running on some\nother CPU. These cases are already handled. However, if the task is\nmigrated and has already been executed and another CPU is now trying to\nwake it up (ttwu) such that it is queued again on the runqeue\n(on_rq is 1) and also if the task was run by the same CPU, then the\ncurrent checks will pass even though the task was migrated out and is no\nlonger in the pushable tasks list.\n\nCrashes\n=======\nThis bug resulted in quite a few flavors of crashes triggering kernel\npanics with various crash signatures such as assert failures, page\nfaults, null pointer dereferences, and queue corruption errors all\ncoming from scheduler itself.\n\nSome of the crashes:\n-\u003e kernel BUG at kernel/sched/rt.c:1616! BUG_ON(idx \u003e= MAX_RT_PRIO)\n Call Trace:\n ? __die_body+0x1a/0x60\n ? die+0x2a/0x50\n ? do_trap+0x85/0x100\n ? pick_next_task_rt+0x6e/0x1d0\n ? do_error_trap+0x64/0xa0\n ? pick_next_task_rt+0x6e/0x1d0\n ? exc_invalid_op+0x4c/0x60\n ? pick_next_task_rt+0x6e/0x1d0\n ? asm_exc_invalid_op+0x12/0x20\n ? pick_next_task_rt+0x6e/0x1d0\n __schedule+0x5cb/0x790\n ? update_ts_time_stats+0x55/0x70\n schedule_idle+0x1e/0x40\n do_idle+0x15e/0x200\n cpu_startup_entry+0x19/0x20\n start_secondary+0x117/0x160\n secondary_startup_64_no_verify+0xb0/0xbb\n\n-\u003e BUG: kernel NULL pointer dereference, address: 00000000000000c0\n Call Trace:\n ? __die_body+0x1a/0x60\n ? no_context+0x183/0x350\n ? __warn+0x8a/0xe0\n ? exc_page_fault+0x3d6/0x520\n ? asm_exc_page_fault+0x1e/0x30\n ? pick_next_task_rt+0xb5/0x1d0\n ? pick_next_task_rt+0x8c/0x1d0\n __schedule+0x583/0x7e0\n ? update_ts_time_stats+0x55/0x70\n schedule_idle+0x1e/0x40\n do_idle+0x15e/0x200\n cpu_startup_entry+0x19/0x20\n start_secondary+0x117/0x160\n secondary_startup_64_no_verify+0xb0/0xbb\n\n-\u003e BUG: unable to handle page fault for address: ffff9464daea5900\n kernel BUG at kernel/sched/rt.c:1861! BUG_ON(rq-\u003ecpu != task_cpu(p))\n\n-\u003e kernel BUG at kernel/sched/rt.c:1055! BUG_ON(!rq-\u003enr_running)\n Call Trace:\n ? __die_body+0x1a/0x60\n ? die+0x2a/0x50\n ? do_trap+0x85/0x100\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? do_error_trap+0x64/0xa0\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? exc_invalid_op+0x4c/0x60\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? asm_exc_invalid_op+0x12/0x20\n ? dequeue_top_rt_rq+0xa2/0xb0\n dequeue_rt_entity+0x1f/0x70\n dequeue_task_rt+0x2d/0x70\n __schedule+0x1a8/0x7e0\n ? blk_finish_plug+0x25/0x40\n schedule+0x3c/0xb0\n futex_wait_queue_me+0xb6/0x120\n futex_wait+0xd9/0x240\n do_futex+0x344/0xa90\n ? get_mm_exe_file+0x30/0x60\n ? audit_exe_compare+0x58/0x70\n ? audit_filter_rules.constprop.26+0x65e/0x1220\n __x64_sys_futex+0x148/0x1f0\n do_syscall_64+0x30/0x80\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\n\n-\u003e BUG: unable to handle page fault for address: ffff8cf3608bc2c0\n Call Trace:\n ? __die_body+0x1a/0x60\n ? no_context+0x183/0x350\n ? spurious_kernel_fault+0x171/0x1c0\n ? exc_page_fault+0x3b6/0x520\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? asm_exc_page_fault+0x1e/0x30\n ? _cond_resched+0x15/0x30\n ? futex_wait_queue_me+0xc8/0x120\n ? futex_wait+0xd9/0x240\n ? try_to_wake_up+0x1b8/0x490\n ? futex_wake+0x78/0x160\n ? do_futex+0xcd/0xa90\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? plist_del+0x6a/0xd0\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? dequeue_pushable_task+0x20/0x70\n ? __schedule+0x382/0x7e0\n ? asm_sysvec_reschedule_i\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38234",
"url": "https://www.suse.com/security/cve/CVE-2025-38234"
},
{
"category": "external",
"summary": "SUSE Bug 1246057 for CVE-2025-38234",
"url": "https://bugzilla.suse.com/1246057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38234"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38255"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/group_cpus: fix NULL pointer dereference from group_cpus_evenly()\n\nWhile testing null_blk with configfs, echo 0 \u003e poll_queues will trigger\nfollowing panic:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 27 UID: 0 PID: 920 Comm: bash Not tainted 6.15.0-02023-gadbdb95c8696-dirty #1238 PREEMPT(undef)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014\nRIP: 0010:__bitmap_or+0x48/0x70\nCall Trace:\n \u003cTASK\u003e\n __group_cpus_evenly+0x822/0x8c0\n group_cpus_evenly+0x2d9/0x490\n blk_mq_map_queues+0x1e/0x110\n null_map_queues+0xc9/0x170 [null_blk]\n blk_mq_update_queue_map+0xdb/0x160\n blk_mq_update_nr_hw_queues+0x22b/0x560\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_poll_queues_store+0xa4/0x130 [null_blk]\n configfs_write_iter+0x109/0x1d0\n vfs_write+0x26e/0x6f0\n ksys_write+0x79/0x180\n __x64_sys_write+0x1d/0x30\n x64_sys_call+0x45c4/0x45f0\n do_syscall_64+0xa5/0x240\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nRoot cause is that numgrps is set to 0, and ZERO_SIZE_PTR is returned from\nkcalloc(), and later ZERO_SIZE_PTR will be deferenced.\n\nFix the problem by checking numgrps first in group_cpus_evenly(), and\nreturn NULL directly if numgrps is zero.\n\n[yukuai3@huawei.com: also fix the non-SMP version]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38255",
"url": "https://www.suse.com/security/cve/CVE-2025-38255"
},
{
"category": "external",
"summary": "SUSE Bug 1246190 for CVE-2025-38255",
"url": "https://bugzilla.suse.com/1246190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38255"
},
{
"cve": "CVE-2025-38263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38263"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix NULL pointer in cache_set_flush()\n\n1. LINE#1794 - LINE#1887 is some codes about function of\n bch_cache_set_alloc().\n2. LINE#2078 - LINE#2142 is some codes about function of\n register_cache_set().\n3. register_cache_set() will call bch_cache_set_alloc() in LINE#2098.\n\n 1794 struct cache_set *bch_cache_set_alloc(struct cache_sb *sb)\n 1795 {\n ...\n 1860 if (!(c-\u003edevices = kcalloc(c-\u003enr_uuids, sizeof(void *), GFP_KERNEL)) ||\n 1861 mempool_init_slab_pool(\u0026c-\u003esearch, 32, bch_search_cache) ||\n 1862 mempool_init_kmalloc_pool(\u0026c-\u003ebio_meta, 2,\n 1863 sizeof(struct bbio) + sizeof(struct bio_vec) *\n 1864 bucket_pages(c)) ||\n 1865 mempool_init_kmalloc_pool(\u0026c-\u003efill_iter, 1, iter_size) ||\n 1866 bioset_init(\u0026c-\u003ebio_split, 4, offsetof(struct bbio, bio),\n 1867 BIOSET_NEED_BVECS|BIOSET_NEED_RESCUER) ||\n 1868 !(c-\u003euuids = alloc_bucket_pages(GFP_KERNEL, c)) ||\n 1869 !(c-\u003emoving_gc_wq = alloc_workqueue(\"bcache_gc\",\n 1870 WQ_MEM_RECLAIM, 0)) ||\n 1871 bch_journal_alloc(c) ||\n 1872 bch_btree_cache_alloc(c) ||\n 1873 bch_open_buckets_alloc(c) ||\n 1874 bch_bset_sort_state_init(\u0026c-\u003esort, ilog2(c-\u003ebtree_pages)))\n 1875 goto err;\n ^^^^^^^^\n 1876\n ...\n 1883 return c;\n 1884 err:\n 1885 bch_cache_set_unregister(c);\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n 1886 return NULL;\n 1887 }\n ...\n 2078 static const char *register_cache_set(struct cache *ca)\n 2079 {\n ...\n 2098 c = bch_cache_set_alloc(\u0026ca-\u003esb);\n 2099 if (!c)\n 2100 return err;\n ^^^^^^^^^^\n ...\n 2128 ca-\u003eset = c;\n 2129 ca-\u003eset-\u003ecache[ca-\u003esb.nr_this_dev] = ca;\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n ...\n 2138 return NULL;\n 2139 err:\n 2140 bch_cache_set_unregister(c);\n 2141 return err;\n 2142 }\n\n(1) If LINE#1860 - LINE#1874 is true, then do \u0027goto err\u0027(LINE#1875) and\n call bch_cache_set_unregister()(LINE#1885).\n(2) As (1) return NULL(LINE#1886), LINE#2098 - LINE#2100 would return.\n(3) As (2) has returned, LINE#2128 - LINE#2129 would do *not* give the\n value to c-\u003ecache[], it means that c-\u003ecache[] is NULL.\n\nLINE#1624 - LINE#1665 is some codes about function of cache_set_flush().\nAs (1), in LINE#1885 call\nbch_cache_set_unregister()\n---\u003e bch_cache_set_stop()\n ---\u003e closure_queue()\n -.-\u003e cache_set_flush() (as below LINE#1624)\n\n 1624 static void cache_set_flush(struct closure *cl)\n 1625 {\n ...\n 1654 for_each_cache(ca, c, i)\n 1655 if (ca-\u003ealloc_thread)\n ^^\n 1656 kthread_stop(ca-\u003ealloc_thread);\n ...\n 1665 }\n\n(4) In LINE#1655 ca is NULL(see (3)) in cache_set_flush() then the\n kernel crash occurred as below:\n[ 846.712887] bcache: register_cache() error drbd6: cannot allocate memory\n[ 846.713242] bcache: register_bcache() error : failed to register device\n[ 846.713336] bcache: cache_set_free() Cache set 2f84bdc1-498a-4f2f-98a7-01946bf54287 unregistered\n[ 846.713768] BUG: unable to handle kernel NULL pointer dereference at 00000000000009f8\n[ 846.714790] PGD 0 P4D 0\n[ 846.715129] Oops: 0000 [#1] SMP PTI\n[ 846.715472] CPU: 19 PID: 5057 Comm: kworker/19:16 Kdump: loaded Tainted: G OE --------- - - 4.18.0-147.5.1.el8_1.5es.3.x86_64 #1\n[ 846.716082] Hardware name: ESPAN GI-25212/X11DPL-i, BIOS 2.1 06/15/2018\n[ 846.716451] Workqueue: events cache_set_flush [bcache]\n[ 846.716808] RIP: 0010:cache_set_flush+0xc9/0x1b0 [bcache]\n[ 846.717155] Code: 00 4c 89 a5 b0 03 00 00 48 8b 85 68 f6 ff ff a8 08 0f 84 88 00 00 00 31 db 66 83 bd 3c f7 ff ff 00 48 8b 85 48 ff ff ff 74 28 \u003c48\u003e 8b b8 f8 09 00 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38263",
"url": "https://www.suse.com/security/cve/CVE-2025-38263"
},
{
"category": "external",
"summary": "SUSE Bug 1246248 for CVE-2025-38263",
"url": "https://bugzilla.suse.com/1246248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38263"
},
{
"cve": "CVE-2025-38351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38351"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush\n\nIn KVM guests with Hyper-V hypercalls enabled, the hypercalls\nHVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX\nallow a guest to request invalidation of portions of a virtual TLB.\nFor this, the hypercall parameter includes a list of GVAs that are supposed\nto be invalidated.\n\nHowever, when non-canonical GVAs are passed, there is currently no\nfiltering in place and they are eventually passed to checked invocations of\nINVVPID on Intel / INVLPGA on AMD. While AMD\u0027s INVLPGA silently ignores\nnon-canonical addresses (effectively a no-op), Intel\u0027s INVVPID explicitly\nsignals VM-Fail and ultimately triggers the WARN_ONCE in invvpid_error():\n\n invvpid failed: ext=0x0 vpid=1 gva=0xaaaaaaaaaaaaa000\n WARNING: CPU: 6 PID: 326 at arch/x86/kvm/vmx/vmx.c:482\n invvpid_error+0x91/0xa0 [kvm_intel]\n Modules linked in: kvm_intel kvm 9pnet_virtio irqbypass fuse\n CPU: 6 UID: 0 PID: 326 Comm: kvm-vm Not tainted 6.15.0 #14 PREEMPT(voluntary)\n RIP: 0010:invvpid_error+0x91/0xa0 [kvm_intel]\n Call Trace:\n vmx_flush_tlb_gva+0x320/0x490 [kvm_intel]\n kvm_hv_vcpu_flush_tlb+0x24f/0x4f0 [kvm]\n kvm_arch_vcpu_ioctl_run+0x3013/0x5810 [kvm]\n\nHyper-V documents that invalid GVAs (those that are beyond a partition\u0027s\nGVA space) are to be ignored. While not completely clear whether this\nruling also applies to non-canonical GVAs, it is likely fine to make that\nassumption, and manual testing on Azure confirms \"real\" Hyper-V interprets\nthe specification in the same way.\n\nSkip non-canonical GVAs when processing the list of address to avoid\ntripping the INVVPID failure. Alternatively, KVM could filter out \"bad\"\nGVAs before inserting into the FIFO, but practically speaking the only\ndownside of pushing validation to the final processing is that doing so\nis suboptimal for the guest, and no well-behaved guest will request TLB\nflushes for non-canonical addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38351",
"url": "https://www.suse.com/security/cve/CVE-2025-38351"
},
{
"category": "external",
"summary": "SUSE Bug 1246782 for CVE-2025-38351",
"url": "https://bugzilla.suse.com/1246782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38351"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: return 0 size for RSS key if not supported\n\nReturning -EOPNOTSUPP from function returning u32 is leading to\ncast and invalid size value as a result.\n\n-EOPNOTSUPP as a size probably will lead to allocation fail.\n\nCommand: ethtool -x eth0\nIt is visible on all devices that don\u0027t have RSS caps set.\n\n[ 136.615917] Call Trace:\n[ 136.615921] \u003cTASK\u003e\n[ 136.615927] ? __warn+0x89/0x130\n[ 136.615942] ? __alloc_frozen_pages_noprof+0x322/0x330\n[ 136.615953] ? report_bug+0x164/0x190\n[ 136.615968] ? handle_bug+0x58/0x90\n[ 136.615979] ? exc_invalid_op+0x17/0x70\n[ 136.615987] ? asm_exc_invalid_op+0x1a/0x20\n[ 136.616001] ? rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616016] ? __alloc_frozen_pages_noprof+0x322/0x330\n[ 136.616028] __alloc_pages_noprof+0xe/0x20\n[ 136.616038] ___kmalloc_large_node+0x80/0x110\n[ 136.616072] __kmalloc_large_node_noprof+0x1d/0xa0\n[ 136.616081] __kmalloc_noprof+0x32c/0x4c0\n[ 136.616098] ? rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616105] rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616114] ethnl_default_doit+0x107/0x3d0\n[ 136.616131] genl_family_rcv_msg_doit+0x100/0x160\n[ 136.616147] genl_rcv_msg+0x1b8/0x2c0\n[ 136.616156] ? __pfx_ethnl_default_doit+0x10/0x10\n[ 136.616168] ? __pfx_genl_rcv_msg+0x10/0x10\n[ 136.616176] netlink_rcv_skb+0x58/0x110\n[ 136.616186] genl_rcv+0x28/0x40\n[ 136.616195] netlink_unicast+0x19b/0x290\n[ 136.616206] netlink_sendmsg+0x222/0x490\n[ 136.616215] __sys_sendto+0x1fd/0x210\n[ 136.616233] __x64_sys_sendto+0x24/0x30\n[ 136.616242] do_syscall_64+0x82/0x160\n[ 136.616252] ? __sys_recvmsg+0x83/0xe0\n[ 136.616265] ? syscall_exit_to_user_mode+0x10/0x210\n[ 136.616275] ? do_syscall_64+0x8e/0x160\n[ 136.616282] ? __count_memcg_events+0xa1/0x130\n[ 136.616295] ? count_memcg_events.constprop.0+0x1a/0x30\n[ 136.616306] ? handle_mm_fault+0xae/0x2d0\n[ 136.616319] ? do_user_addr_fault+0x379/0x670\n[ 136.616328] ? clear_bhb_loop+0x45/0xa0\n[ 136.616340] ? clear_bhb_loop+0x45/0xa0\n[ 136.616349] ? clear_bhb_loop+0x45/0xa0\n[ 136.616359] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 136.616369] RIP: 0033:0x7fd30ba7b047\n[ 136.616376] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d bd d5 0c 00 00 41 89 ca 74 10 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 71 c3 55 48 83 ec 30 44 89 4c 24 2c 4c 89 44\n[ 136.616381] RSP: 002b:00007ffde1796d68 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 136.616388] RAX: ffffffffffffffda RBX: 000055d7bd89f2a0 RCX: 00007fd30ba7b047\n[ 136.616392] RDX: 0000000000000028 RSI: 000055d7bd89f3b0 RDI: 0000000000000003\n[ 136.616396] RBP: 00007ffde1796e10 R08: 00007fd30bb4e200 R09: 000000000000000c\n[ 136.616399] R10: 0000000000000000 R11: 0000000000000202 R12: 000055d7bd89f340\n[ 136.616403] R13: 000055d7bd89f3b0 R14: 000055d78943f200 R15: 0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38402",
"url": "https://www.suse.com/security/cve/CVE-2025-38402"
},
{
"category": "external",
"summary": "SUSE Bug 1247262 for CVE-2025-38402",
"url": "https://bugzilla.suse.com/1247262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38402"
},
{
"cve": "CVE-2025-38408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/irq_sim: Initialize work context pointers properly\n\nInitialize `ops` member\u0027s pointers properly by using kzalloc() instead of\nkmalloc() when allocating the simulation work context. Otherwise the\npointers contain random content leading to invalid dereferencing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38408",
"url": "https://www.suse.com/security/cve/CVE-2025-38408"
},
{
"category": "external",
"summary": "SUSE Bug 1247126 for CVE-2025-38408",
"url": "https://bugzilla.suse.com/1247126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38408"
},
{
"cve": "CVE-2025-38418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Release rproc-\u003eclean_table after rproc_attach() fails\n\nWhen rproc-\u003estate = RPROC_DETACHED is attached to remote processor\nthrough rproc_attach(), if rproc_handle_resources() returns failure,\nthen the clean table should be released, otherwise the following\nmemory leak will occur.\n\nunreferenced object 0xffff000086a99800 (size 1024):\ncomm \"kworker/u12:3\", pid 59, jiffies 4294893670 (age 121.140s)\nhex dump (first 32 bytes):\n00 00 00 00 00 80 00 00 00 00 00 00 00 00 10 00 ............\n00 00 00 00 00 00 08 00 00 00 00 00 00 00 00 00 ............\nbacktrace:\n [\u003c000000008bbe4ca8\u003e] slab_post_alloc_hook+0x98/0x3fc\n [\u003c000000003b8a272b\u003e] __kmem_cache_alloc_node+0x13c/0x230\n [\u003c000000007a507c51\u003e] __kmalloc_node_track_caller+0x5c/0x260\n [\u003c0000000037818dae\u003e] kmemdup+0x34/0x60\n [\u003c00000000610f7f57\u003e] rproc_boot+0x35c/0x56c\n [\u003c0000000065f8871a\u003e] rproc_add+0x124/0x17c\n [\u003c00000000497416ee\u003e] imx_rproc_probe+0x4ec/0x5d4\n [\u003c000000003bcaa37d\u003e] platform_probe+0x68/0xd8\n [\u003c00000000771577f9\u003e] really_probe+0x110/0x27c\n [\u003c00000000531fea59\u003e] __driver_probe_device+0x78/0x12c\n [\u003c0000000080036a04\u003e] driver_probe_device+0x3c/0x118\n [\u003c000000007e0bddcb\u003e] __device_attach_driver+0xb8/0xf8\n [\u003c000000000cf1fa33\u003e] bus_for_each_drv+0x84/0xe4\n [\u003c000000001a53b53e\u003e] __device_attach+0xfc/0x18c\n [\u003c00000000d1a2a32c\u003e] device_initial_probe+0x14/0x20\n [\u003c00000000d8f8b7ae\u003e] bus_probe_device+0xb0/0xb4\n unreferenced object 0xffff0000864c9690 (size 16):",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38418",
"url": "https://www.suse.com/security/cve/CVE-2025-38418"
},
{
"category": "external",
"summary": "SUSE Bug 1247137 for CVE-2025-38418",
"url": "https://bugzilla.suse.com/1247137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38418"
},
{
"cve": "CVE-2025-38419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()\n\nWhen rproc-\u003estate = RPROC_DETACHED and rproc_attach() is used\nto attach to the remote processor, if rproc_handle_resources()\nreturns a failure, the resources allocated by imx_rproc_prepare()\nshould be released, otherwise the following memory leak will occur.\n\nSince almost the same thing is done in imx_rproc_prepare() and\nrproc_resource_cleanup(), Function rproc_resource_cleanup() is able\nto deal with empty lists so it is better to fix the \"goto\" statements\nin rproc_attach(). replace the \"unprepare_device\" goto statement with\n\"clean_up_resources\" and get rid of the \"unprepare_device\" label.\n\nunreferenced object 0xffff0000861c5d00 (size 128):\ncomm \"kworker/u12:3\", pid 59, jiffies 4294893509 (age 149.220s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 02 88 00 00 00 00 00 00 10 00 00 00 00 00 ............\nbacktrace:\n [\u003c00000000f949fe18\u003e] slab_post_alloc_hook+0x98/0x37c\n [\u003c00000000adbfb3e7\u003e] __kmem_cache_alloc_node+0x138/0x2e0\n [\u003c00000000521c0345\u003e] kmalloc_trace+0x40/0x158\n [\u003c000000004e330a49\u003e] rproc_mem_entry_init+0x60/0xf8\n [\u003c000000002815755e\u003e] imx_rproc_prepare+0xe0/0x180\n [\u003c0000000003f61b4e\u003e] rproc_boot+0x2ec/0x528\n [\u003c00000000e7e994ac\u003e] rproc_add+0x124/0x17c\n [\u003c0000000048594076\u003e] imx_rproc_probe+0x4ec/0x5d4\n [\u003c00000000efc298a1\u003e] platform_probe+0x68/0xd8\n [\u003c00000000110be6fe\u003e] really_probe+0x110/0x27c\n [\u003c00000000e245c0ae\u003e] __driver_probe_device+0x78/0x12c\n [\u003c00000000f61f6f5e\u003e] driver_probe_device+0x3c/0x118\n [\u003c00000000a7874938\u003e] __device_attach_driver+0xb8/0xf8\n [\u003c0000000065319e69\u003e] bus_for_each_drv+0x84/0xe4\n [\u003c00000000db3eb243\u003e] __device_attach+0xfc/0x18c\n [\u003c0000000072e4e1a4\u003e] device_initial_probe+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38419",
"url": "https://www.suse.com/security/cve/CVE-2025-38419"
},
{
"category": "external",
"summary": "SUSE Bug 1247136 for CVE-2025-38419",
"url": "https://bugzilla.suse.com/1247136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38419"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi:msghandler: Fix potential memory corruption in ipmi_create_user()\n\nThe \"intf\" list iterator is an invalid pointer if the correct\n\"intf-\u003eintf_num\" is not found. Calling atomic_dec(\u0026intf-\u003enr_users) on\nand invalid pointer will lead to memory corruption.\n\nWe don\u0027t really need to call atomic_dec() if we haven\u0027t called\natomic_add_return() so update the if (intf-\u003ein_shutdown) path as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38456",
"url": "https://www.suse.com/security/cve/CVE-2025-38456"
},
{
"category": "external",
"summary": "SUSE Bug 1247099 for CVE-2025-38456",
"url": "https://bugzilla.suse.com/1247099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38456"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Fix wraparounds of sk-\u003esk_rmem_alloc.\n\nNetlink has this pattern in some places\n\n if (atomic_read(\u0026sk-\u003esk_rmem_alloc) \u003e sk-\u003esk_rcvbuf)\n \tatomic_add(skb-\u003etruesize, \u0026sk-\u003esk_rmem_alloc);\n\n, which has the same problem fixed by commit 5a465a0da13e (\"udp:\nFix multiple wraparounds of sk-\u003esk_rmem_alloc.\").\n\nFor example, if we set INT_MAX to SO_RCVBUFFORCE, the condition\nis always false as the two operands are of int.\n\nThen, a single socket can eat as many skb as possible until OOM\nhappens, and we can see multiple wraparounds of sk-\u003esk_rmem_alloc.\n\nLet\u0027s fix it by using atomic_add_return() and comparing the two\nvariables as unsigned int.\n\nBefore:\n [root@fedora ~]# ss -f netlink\n Recv-Q Send-Q Local Address:Port Peer Address:Port\n -1668710080 0 rtnl:nl_wraparound/293 *\n\nAfter:\n [root@fedora ~]# ss -f netlink\n Recv-Q Send-Q Local Address:Port Peer Address:Port\n 2147483072 0 rtnl:nl_wraparound/290 *\n ^\n `--- INT_MAX - 576",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38465",
"url": "https://www.suse.com/security/cve/CVE-2025-38465"
},
{
"category": "external",
"summary": "SUSE Bug 1247118 for CVE-2025-38465",
"url": "https://bugzilla.suse.com/1247118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38465"
},
{
"cve": "CVE-2025-38466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Revert to requiring CAP_SYS_ADMIN for uprobes\n\nJann reports that uprobes can be used destructively when used in the\nmiddle of an instruction. The kernel only verifies there is a valid\ninstruction at the requested offset, but due to variable instruction\nlength cannot determine if this is an instruction as seen by the\nintended execution stream.\n\nAdditionally, Mark Rutland notes that on architectures that mix data\nin the text segment (like arm64), a similar things can be done if the\ndata word is \u0027mistaken\u0027 for an instruction.\n\nAs such, require CAP_SYS_ADMIN for uprobes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38466",
"url": "https://www.suse.com/security/cve/CVE-2025-38466"
},
{
"category": "external",
"summary": "SUSE Bug 1247442 for CVE-2025-38466",
"url": "https://bugzilla.suse.com/1247442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38466"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in crypt_message when using async crypto\n\nThe CVE-2024-50047 fix removed asynchronous crypto handling from\ncrypt_message(), assuming all crypto operations are synchronous.\nHowever, when hardware crypto accelerators are used, this can cause\nuse-after-free crashes:\n\n crypt_message()\n // Allocate the creq buffer containing the req\n creq = smb2_get_aead_req(..., \u0026req);\n\n // Async encryption returns -EINPROGRESS immediately\n rc = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);\n\n // Free creq while async operation is still in progress\n kvfree_sensitive(creq, ...);\n\nHardware crypto modules often implement async AEAD operations for\nperformance. When crypto_aead_encrypt/decrypt() returns -EINPROGRESS,\nthe operation completes asynchronously. Without crypto_wait_req(),\nthe function immediately frees the request buffer, leading to crashes\nwhen the driver later accesses the freed memory.\n\nThis results in a use-after-free condition when the hardware crypto\ndriver later accesses the freed request structure, leading to kernel\ncrashes with NULL pointer dereferences.\n\nThe issue occurs because crypto_alloc_aead() with mask=0 doesn\u0027t\nguarantee synchronous operation. Even without CRYPTO_ALG_ASYNC in\nthe mask, async implementations can be selected.\n\nFix by restoring the async crypto handling:\n- DECLARE_CRYPTO_WAIT(wait) for completion tracking\n- aead_request_set_callback() for async completion notification\n- crypto_wait_req() to wait for operation completion\n\nThis ensures the request buffer isn\u0027t freed until the crypto operation\ncompletes, whether synchronous or asynchronous, while preserving the\nCVE-2024-50047 fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38488",
"url": "https://www.suse.com/security/cve/CVE-2025-38488"
},
{
"category": "external",
"summary": "SUSE Bug 1247239 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "external",
"summary": "SUSE Bug 1247240 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38488"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38514"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix oops due to non-existence of prealloc backlog struct\n\nIf an AF_RXRPC service socket is opened and bound, but calls are\npreallocated, then rxrpc_alloc_incoming_call() will oops because the\nrxrpc_backlog struct doesn\u0027t get allocated until the first preallocation is\nmade.\n\nFix this by returning NULL from rxrpc_alloc_incoming_call() if there is no\nbacklog struct. This will cause the incoming call to be aborted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38514",
"url": "https://www.suse.com/security/cve/CVE-2025-38514"
},
{
"category": "external",
"summary": "SUSE Bug 1248202 for CVE-2025-38514",
"url": "https://bugzilla.suse.com/1248202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38514"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: add NULL check in eswitch lag check\n\nThe function ice_lag_is_switchdev_running() is being called from outside of\nthe LAG event handler code. This results in the lag-\u003eupper_netdev being\nNULL sometimes. To avoid a NULL-pointer dereference, there needs to be a\ncheck before it is dereferenced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38526",
"url": "https://www.suse.com/security/cve/CVE-2025-38526"
},
{
"category": "external",
"summary": "SUSE Bug 1248192 for CVE-2025-38526",
"url": "https://bugzilla.suse.com/1248192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38526"
},
{
"cve": "CVE-2025-38527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in cifs_oplock_break\n\nA race condition can occur in cifs_oplock_break() leading to a\nuse-after-free of the cinode structure when unmounting:\n\n cifs_oplock_break()\n _cifsFileInfo_put(cfile)\n cifsFileInfo_put_final()\n cifs_sb_deactive()\n [last ref, start releasing sb]\n kill_sb()\n kill_anon_super()\n generic_shutdown_super()\n evict_inodes()\n dispose_list()\n evict()\n destroy_inode()\n call_rcu(\u0026inode-\u003ei_rcu, i_callback)\n spin_lock(\u0026cinode-\u003eopen_file_lock) \u003c- OK\n [later] i_callback()\n cifs_free_inode()\n kmem_cache_free(cinode)\n spin_unlock(\u0026cinode-\u003eopen_file_lock) \u003c- UAF\n cifs_done_oplock_break(cinode) \u003c- UAF\n\nThe issue occurs when umount has already released its reference to the\nsuperblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this\nreleases the last reference, triggering the immediate cleanup of all\ninodes under RCU. However, cifs_oplock_break() continues to access the\ncinode after this point, resulting in use-after-free.\n\nFix this by holding an extra reference to the superblock during the\nentire oplock break operation. This ensures that the superblock and\nits inodes remain valid until the oplock break completes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38527",
"url": "https://www.suse.com/security/cve/CVE-2025-38527"
},
{
"category": "external",
"summary": "SUSE Bug 1248199 for CVE-2025-38527",
"url": "https://bugzilla.suse.com/1248199"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38527"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38533"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: fix the using of Rx buffer DMA\n\nThe wx_rx_buffer structure contained two DMA address fields: \u0027dma\u0027 and\n\u0027page_dma\u0027. However, only \u0027page_dma\u0027 was actually initialized and used\nto program the Rx descriptor. But \u0027dma\u0027 was uninitialized and used in\nsome paths.\n\nThis could lead to undefined behavior, including DMA errors or\nuse-after-free, if the uninitialized \u0027dma\u0027 was used. Althrough such\nerror has not yet occurred, it is worth fixing in the code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38533",
"url": "https://www.suse.com/security/cve/CVE-2025-38533"
},
{
"category": "external",
"summary": "SUSE Bug 1248200 for CVE-2025-38533",
"url": "https://bugzilla.suse.com/1248200"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38533"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix bug due to prealloc collision\n\nWhen userspace is using AF_RXRPC to provide a server, it has to preallocate\nincoming calls and assign to them call IDs that will be used to thread\nrelated recvmsg() and sendmsg() together. The preallocated call IDs will\nautomatically be attached to calls as they come in until the pool is empty.\n\nTo the kernel, the call IDs are just arbitrary numbers, but userspace can\nuse the call ID to hold a pointer to prepared structs. In any case, the\nuser isn\u0027t permitted to create two calls with the same call ID (call IDs\nbecome available again when the call ends) and EBADSLT should result from\nsendmsg() if an attempt is made to preallocate a call with an in-use call\nID.\n\nHowever, the cleanup in the error handling will trigger both assertions in\nrxrpc_cleanup_call() because the call isn\u0027t marked complete and isn\u0027t\nmarked as having been released.\n\nFix this by setting the call state in rxrpc_service_prealloc_one() and then\nmarking it as being released before calling the cleanup function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38544",
"url": "https://www.suse.com/security/cve/CVE-2025-38544"
},
{
"category": "external",
"summary": "SUSE Bug 1248225 for CVE-2025-38544",
"url": "https://bugzilla.suse.com/1248225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38544"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn\u0027t reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38556",
"url": "https://www.suse.com/security/cve/CVE-2025-38556"
},
{
"category": "external",
"summary": "SUSE Bug 1248296 for CVE-2025-38556",
"url": "https://bugzilla.suse.com/1248296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38556"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38574"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npptp: ensure minimal skb length in pptp_xmit()\n\nCommit aabc6596ffb3 (\"net: ppp: Add bound checking for skb data\non ppp_sync_txmung\") fixed ppp_sync_txmunge()\n\nWe need a similar fix in pptp_xmit(), otherwise we might\nread uninit data as reported by syzbot.\n\nBUG: KMSAN: uninit-value in pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2290 [inline]\n ppp_input+0x1d6/0xe60 drivers/net/ppp/ppp_generic.c:2314\n pppoe_rcv_core+0x1e8/0x760 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n pppoe_sendmsg+0x15d/0xcb0 drivers/net/ppp/pppoe.c:904\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x893/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmmsg+0x2d9/0x7c0 net/socket.c:2709",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38574",
"url": "https://www.suse.com/security/cve/CVE-2025-38574"
},
{
"category": "external",
"summary": "SUSE Bug 1248365 for CVE-2025-38574",
"url": "https://bugzilla.suse.com/1248365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38574"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38584"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix pd UAF once and for all\n\nThere is a race condition/UAF in padata_reorder that goes back\nto the initial commit. A reference count is taken at the start\nof the process in padata_do_parallel, and released at the end in\npadata_serial_worker.\n\nThis reference count is (and only is) required for padata_replace\nto function correctly. If padata_replace is never called then\nthere is no issue.\n\nIn the function padata_reorder which serves as the core of padata,\nas soon as padata is added to queue-\u003eserial.list, and the associated\nspin lock released, that padata may be processed and the reference\ncount on pd would go away.\n\nFix this by getting the next padata before the squeue-\u003eserial lock\nis released.\n\nIn order to make this possible, simplify padata_reorder by only\ncalling it once the next padata arrives.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38584",
"url": "https://www.suse.com/security/cve/CVE-2025-38584"
},
{
"category": "external",
"summary": "SUSE Bug 1248343 for CVE-2025-38584",
"url": "https://bugzilla.suse.com/1248343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38584"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Remove skb secpath if xfrm state is not found\n\nHardware returns a unique identifier for a decrypted packet\u0027s xfrm\nstate, this state is looked up in an xarray. However, the state might\nhave been freed by the time of this lookup.\n\nCurrently, if the state is not found, only a counter is incremented.\nThe secpath (sp) extension on the skb is not removed, resulting in\nsp-\u003elen becoming 0.\n\nSubsequently, functions like __xfrm_policy_check() attempt to access\nfields such as xfrm_input_state(skb)-\u003exso.type (which dereferences\nsp-\u003exvec[sp-\u003elen - 1]) without first validating sp-\u003elen. This leads to\na crash when dereferencing an invalid state pointer.\n\nThis patch prevents the crash by explicitly removing the secpath\nextension from the skb if the xfrm state is not found after hardware\ndecryption. This ensures downstream functions do not operate on a\nzero-length secpath.\n\n BUG: unable to handle page fault for address: ffffffff000002c8\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 282e067 P4D 282e067 PUD 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 12 UID: 0 PID: 0 Comm: swapper/12 Not tainted 6.15.0-rc7_for_upstream_min_debug_2025_05_27_22_44 #1 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__xfrm_policy_check+0x61a/0xa30\n Code: b6 77 7f 83 e6 02 74 14 4d 8b af d8 00 00 00 41 0f b6 45 05 c1 e0 03 48 98 49 01 c5 41 8b 45 00 83 e8 01 48 98 49 8b 44 c5 10 \u003c0f\u003e b6 80 c8 02 00 00 83 e0 0c 3c 04 0f 84 0c 02 00 00 31 ff 80 fa\n RSP: 0018:ffff88885fb04918 EFLAGS: 00010297\n RAX: ffffffff00000000 RBX: 0000000000000002 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000000\n RBP: ffffffff8311af80 R08: 0000000000000020 R09: 00000000c2eda353\n R10: ffff88812be2bbc8 R11: 000000001faab533 R12: ffff88885fb049c8\n R13: ffff88812be2bbc8 R14: 0000000000000000 R15: ffff88811896ae00\n FS: 0000000000000000(0000) GS:ffff8888dca82000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffff000002c8 CR3: 0000000243050002 CR4: 0000000000372eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n ? try_to_wake_up+0x108/0x4c0\n ? udp4_lib_lookup2+0xbe/0x150\n ? udp_lib_lport_inuse+0x100/0x100\n ? __udp4_lib_lookup+0x2b0/0x410\n __xfrm_policy_check2.constprop.0+0x11e/0x130\n udp_queue_rcv_one_skb+0x1d/0x530\n udp_unicast_rcv_skb+0x76/0x90\n __udp4_lib_rcv+0xa64/0xe90\n ip_protocol_deliver_rcu+0x20/0x130\n ip_local_deliver_finish+0x75/0xa0\n ip_local_deliver+0xc1/0xd0\n ? ip_protocol_deliver_rcu+0x130/0x130\n ip_sublist_rcv+0x1f9/0x240\n ? ip_rcv_finish_core+0x430/0x430\n ip_list_rcv+0xfc/0x130\n __netif_receive_skb_list_core+0x181/0x1e0\n netif_receive_skb_list_internal+0x200/0x360\n ? mlx5e_build_rx_skb+0x1bc/0xda0 [mlx5_core]\n gro_receive_skb+0xfd/0x210\n mlx5e_handle_rx_cqe_mpwrq+0x141/0x280 [mlx5_core]\n mlx5e_poll_rx_cq+0xcc/0x8e0 [mlx5_core]\n ? mlx5e_handle_rx_dim+0x91/0xd0 [mlx5_core]\n mlx5e_napi_poll+0x114/0xab0 [mlx5_core]\n __napi_poll+0x25/0x170\n net_rx_action+0x32d/0x3a0\n ? mlx5_eq_comp_int+0x8d/0x280 [mlx5_core]\n ? notifier_call_chain+0x33/0xa0\n handle_softirqs+0xda/0x250\n irq_exit_rcu+0x6d/0xc0\n common_interrupt+0x81/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38590",
"url": "https://www.suse.com/security/cve/CVE-2025-38590"
},
{
"category": "external",
"summary": "SUSE Bug 1248360 for CVE-2025-38590",
"url": "https://bugzilla.suse.com/1248360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38590"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38593"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: fix double free in \u0027hci_discovery_filter_clear()\u0027\n\nFunction \u0027hci_discovery_filter_clear()\u0027 frees \u0027uuids\u0027 array and then\nsets it to NULL. There is a tiny chance of the following race:\n\n\u0027hci_cmd_sync_work()\u0027\n\n \u0027update_passive_scan_sync()\u0027\n\n \u0027hci_update_passive_scan_sync()\u0027\n\n \u0027hci_discovery_filter_clear()\u0027\n kfree(uuids);\n\n \u003c-------------------------preempted--------------------------------\u003e\n \u0027start_service_discovery()\u0027\n\n \u0027hci_discovery_filter_clear()\u0027\n kfree(uuids); // DOUBLE FREE\n\n \u003c-------------------------preempted--------------------------------\u003e\n\n uuids = NULL;\n\nTo fix it let\u0027s add locking around \u0027kfree()\u0027 call and NULL pointer\nassignment. Otherwise the following backtrace fires:\n\n[ ] ------------[ cut here ]------------\n[ ] kernel BUG at mm/slub.c:547!\n[ ] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ ] CPU: 3 UID: 0 PID: 246 Comm: bluetoothd Tainted: G O 6.12.19-kernel #1\n[ ] Tainted: [O]=OOT_MODULE\n[ ] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ ] pc : __slab_free+0xf8/0x348\n[ ] lr : __slab_free+0x48/0x348\n...\n[ ] Call trace:\n[ ] __slab_free+0xf8/0x348\n[ ] kfree+0x164/0x27c\n[ ] start_service_discovery+0x1d0/0x2c0\n[ ] hci_sock_sendmsg+0x518/0x924\n[ ] __sock_sendmsg+0x54/0x60\n[ ] sock_write_iter+0x98/0xf8\n[ ] do_iter_readv_writev+0xe4/0x1c8\n[ ] vfs_writev+0x128/0x2b0\n[ ] do_writev+0xfc/0x118\n[ ] __arm64_sys_writev+0x20/0x2c\n[ ] invoke_syscall+0x68/0xf0\n[ ] el0_svc_common.constprop.0+0x40/0xe0\n[ ] do_el0_svc+0x1c/0x28\n[ ] el0_svc+0x30/0xd0\n[ ] el0t_64_sync_handler+0x100/0x12c\n[ ] el0t_64_sync+0x194/0x198\n[ ] Code: 8b0002e6 eb17031f 54fffbe1 d503201f (d4210000)\n[ ] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38593",
"url": "https://www.suse.com/security/cve/CVE-2025-38593"
},
{
"category": "external",
"summary": "SUSE Bug 1248357 for CVE-2025-38593",
"url": "https://bugzilla.suse.com/1248357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38593"
},
{
"cve": "CVE-2025-38595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen: fix UAF in dmabuf_exp_from_pages()\n\n[dma_buf_fd() fixes; no preferences regarding the tree it goes through -\nup to xen folks]\n\nAs soon as we\u0027d inserted a file reference into descriptor table, another\nthread could close it. That\u0027s fine for the case when all we are doing is\nreturning that descriptor to userland (it\u0027s a race, but it\u0027s a userland\nrace and there\u0027s nothing the kernel can do about it). However, if we\nfollow fd_install() with any kind of access to objects that would be\ndestroyed on close (be it the struct file itself or anything destroyed\nby its -\u003erelease()), we have a UAF.\n\ndma_buf_fd() is a combination of reserving a descriptor and fd_install().\ngntdev dmabuf_exp_from_pages() calls it and then proceeds to access the\nobjects destroyed on close - starting with gntdev_dmabuf itself.\n\nFix that by doing reserving descriptor before anything else and do\nfd_install() only when everything had been set up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38595",
"url": "https://www.suse.com/security/cve/CVE-2025-38595"
},
{
"category": "external",
"summary": "SUSE Bug 1248380 for CVE-2025-38595",
"url": "https://bugzilla.suse.com/1248380"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38595"
},
{
"cve": "CVE-2025-38597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port\n\nEach window of a vop2 is usable by a specific set of video ports, so while\nbinding the vop2, we look through the list of available windows trying to\nfind one designated as primary-plane and usable by that specific port.\n\nThe code later wants to use drm_crtc_init_with_planes with that found\nprimary plane, but nothing has checked so far if a primary plane was\nactually found.\n\nFor whatever reason, the rk3576 vp2 does not have a usable primary window\n(if vp0 is also in use) which brought the issue to light and ended in a\nnull-pointer dereference further down.\n\nAs we expect a primary-plane to exist for a video-port, add a check at\nthe end of the window-iteration and fail probing if none was found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38597",
"url": "https://www.suse.com/security/cve/CVE-2025-38597"
},
{
"category": "external",
"summary": "SUSE Bug 1248378 for CVE-2025-38597",
"url": "https://bugzilla.suse.com/1248378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38597"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()\n\nIn ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to\nretrieve the ab pointer. In vdev delete sequence the arvif-\u003ear could\nbecome NULL and that would trigger kernel panic.\nSince the caller ath12k_dp_tx() already has a valid ab pointer, pass it\ndirectly to avoid panic and unnecessary dereferencing.\n\nPC points to \"ath12k_dp_tx+0x228/0x988 [ath12k]\"\nLR points to \"ath12k_dp_tx+0xc8/0x988 [ath12k]\".\nThe Backtrace obtained is as follows:\nath12k_dp_tx+0x228/0x988 [ath12k]\nath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k]\nieee80211_process_measurement_req+0x320/0x348 [mac80211]\nieee80211_tx_dequeue+0x9ac/0x1518 [mac80211]\nieee80211_tx_dequeue+0xb14/0x1518 [mac80211]\nieee80211_tx_prepare_skb+0x224/0x254 [mac80211]\nieee80211_xmit+0xec/0x100 [mac80211]\n__ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211]\nieee80211_subif_start_xmit+0x2e8/0x308 [mac80211]\nnetdev_start_xmit+0x150/0x18c\ndev_hard_start_xmit+0x74/0xc0\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38605",
"url": "https://www.suse.com/security/cve/CVE-2025-38605"
},
{
"category": "external",
"summary": "SUSE Bug 1248334 for CVE-2025-38605",
"url": "https://bugzilla.suse.com/1248334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38605"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: Fix semi-unbounded recursion\n\nEnsure that epoll instances can never form a graph deeper than\nEP_MAX_NESTS+1 links.\n\nCurrently, ep_loop_check_proc() ensures that the graph is loop-free and\ndoes some recursion depth checks, but those recursion depth checks don\u0027t\nlimit the depth of the resulting tree for two reasons:\n\n - They don\u0027t look upwards in the tree.\n - If there are multiple downwards paths of different lengths, only one of\n the paths is actually considered for the depth check since commit\n 28d82dc1c4ed (\"epoll: limit paths\").\n\nEssentially, the current recursion depth check in ep_loop_check_proc() just\nserves to prevent it from recursing too deeply while checking for loops.\n\nA more thorough check is done in reverse_path_check() after the new graph\nedge has already been created; this checks, among other things, that no\npaths going upwards from any non-epoll file with a length of more than 5\nedges exist. However, this check does not apply to non-epoll files.\n\nAs a result, it is possible to recurse to a depth of at least roughly 500,\ntested on v6.15. (I am unsure if deeper recursion is possible; and this may\nhave changed with commit 8c44dac8add7 (\"eventpoll: Fix priority inversion\nproblem\").)\n\nTo fix it:\n\n1. In ep_loop_check_proc(), note the subtree depth of each visited node,\nand use subtree depths for the total depth calculation even when a subtree\nhas already been visited.\n2. Add ep_get_upwards_depth_proc() for similarly determining the maximum\ndepth of an upwards walk.\n3. In ep_loop_check(), use these values to limit the total path length\nbetween epoll nodes to EP_MAX_NESTS edges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38614",
"url": "https://www.suse.com/security/cve/CVE-2025-38614"
},
{
"category": "external",
"summary": "SUSE Bug 1248392 for CVE-2025-38614",
"url": "https://bugzilla.suse.com/1248392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38614"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: drop UFO packets in udp_rcv_segment()\n\nWhen sending a packet with virtio_net_hdr to tun device, if the gso_type\nin virtio_net_hdr is SKB_GSO_UDP and the gso_size is less than udphdr\nsize, below crash may happen.\n\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:4572!\n Oops: invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 0 UID: 0 PID: 62 Comm: mytest Not tainted 6.16.0-rc7 #203 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:skb_pull_rcsum+0x8e/0xa0\n Code: 00 00 5b c3 cc cc cc cc 8b 93 88 00 00 00 f7 da e8 37 44 38 00 f7 d8 89 83 88 00 00 00 48 8b 83 c8 00 00 00 5b c3 cc cc cc cc \u003c0f\u003e 0b 0f 0b 66 66 2e 0f 1f 84 00 000\n RSP: 0018:ffffc900001fba38 EFLAGS: 00000297\n RAX: 0000000000000004 RBX: ffff8880040c1000 RCX: ffffc900001fb948\n RDX: ffff888003e6d700 RSI: 0000000000000008 RDI: ffff88800411a062\n RBP: ffff8880040c1000 R08: 0000000000000000 R09: 0000000000000001\n R10: ffff888003606c00 R11: 0000000000000001 R12: 0000000000000000\n R13: ffff888004060900 R14: ffff888004050000 R15: ffff888004060900\n FS: 000000002406d3c0(0000) GS:ffff888084a19000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000040 CR3: 0000000004007000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n udp_queue_rcv_one_skb+0x176/0x4b0 net/ipv4/udp.c:2445\n udp_queue_rcv_skb+0x155/0x1f0 net/ipv4/udp.c:2475\n udp_unicast_rcv_skb+0x71/0x90 net/ipv4/udp.c:2626\n __udp4_lib_rcv+0x433/0xb00 net/ipv4/udp.c:2690\n ip_protocol_deliver_rcu+0xa6/0x160 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x72/0x90 net/ipv4/ip_input.c:233\n ip_sublist_rcv_finish+0x5f/0x70 net/ipv4/ip_input.c:579\n ip_sublist_rcv+0x122/0x1b0 net/ipv4/ip_input.c:636\n ip_list_rcv+0xf7/0x130 net/ipv4/ip_input.c:670\n __netif_receive_skb_list_core+0x21d/0x240 net/core/dev.c:6067\n netif_receive_skb_list_internal+0x186/0x2b0 net/core/dev.c:6210\n napi_complete_done+0x78/0x180 net/core/dev.c:6580\n tun_get_user+0xa63/0x1120 drivers/net/tun.c:1909\n tun_chr_write_iter+0x65/0xb0 drivers/net/tun.c:1984\n vfs_write+0x300/0x420 fs/read_write.c:593\n ksys_write+0x60/0xd0 fs/read_write.c:686\n do_syscall_64+0x50/0x1c0 arch/x86/entry/syscall_64.c:63\n \u003c/TASK\u003e\n\nTo trigger gso segment in udp_queue_rcv_skb(), we should also set option\nUDP_ENCAP_ESPINUDP to enable udp_sk(sk)-\u003eencap_rcv. When the encap_rcv\nhook return 1 in udp_queue_rcv_one_skb(), udp_csum_pull_header() will try\nto pull udphdr, but the skb size has been segmented to gso size, which\nleads to this crash.\n\nPrevious commit cf329aa42b66 (\"udp: cope with UDP GRO packet misdirection\")\nintroduces segmentation in UDP receive path only for GRO, which was never\nintended to be used for UFO, so drop UFO packets in udp_rcv_segment().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38622",
"url": "https://www.suse.com/security/cve/CVE-2025-38622"
},
{
"category": "external",
"summary": "SUSE Bug 1248619 for CVE-2025-38622",
"url": "https://bugzilla.suse.com/1248619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38622"
},
{
"cve": "CVE-2025-38623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38623"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Fix surprise plug detection and recovery\n\nThe existing PowerNV hotplug code did not handle surprise plug events\ncorrectly, leading to a complete failure of the hotplug system after device\nremoval and a required reboot to detect new devices.\n\nThis comes down to two issues:\n\n 1) When a device is surprise removed, often the bridge upstream\n port will cause a PE freeze on the PHB. If this freeze is not\n cleared, the MSI interrupts from the bridge hotplug notification\n logic will not be received by the kernel, stalling all plug events\n on all slots associated with the PE.\n\n 2) When a device is removed from a slot, regardless of surprise or\n programmatic removal, the associated PHB/PE ls left frozen.\n If this freeze is not cleared via a fundamental reset, skiboot\n is unable to clear the freeze and cannot retrain / rescan the\n slot. This also requires a reboot to clear the freeze and redetect\n the device in the slot.\n\nIssue the appropriate unfreeze and rescan commands on hotplug events,\nand don\u0027t oops on hotplug if pci_bus_to_OF_node() returns NULL.\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38623",
"url": "https://www.suse.com/security/cve/CVE-2025-38623"
},
{
"category": "external",
"summary": "SUSE Bug 1248610 for CVE-2025-38623",
"url": "https://bugzilla.suse.com/1248610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "low"
}
],
"title": "CVE-2025-38623"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_nfacct: don\u0027t assume acct name is null-terminated\n\nBUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721\nRead of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851\n[..]\n string+0x231/0x2b0 lib/vsprintf.c:721\n vsnprintf+0x739/0xf00 lib/vsprintf.c:2874\n [..]\n nfacct_mt_checkentry+0xd2/0xe0 net/netfilter/xt_nfacct.c:41\n xt_check_match+0x3d1/0xab0 net/netfilter/x_tables.c:523\n\nnfnl_acct_find_get() handles non-null input, but the error\nprintk relied on its presence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38639",
"url": "https://www.suse.com/security/cve/CVE-2025-38639"
},
{
"category": "external",
"summary": "SUSE Bug 1248674 for CVE-2025-38639",
"url": "https://bugzilla.suse.com/1248674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38639"
},
{
"cve": "CVE-2025-38640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Disable migration in nf_hook_run_bpf().\n\nsyzbot reported that the netfilter bpf prog can be called without\nmigration disabled in xmit path.\n\nThen the assertion in __bpf_prog_run() fails, triggering the splat\nbelow. [0]\n\nLet\u0027s use bpf_prog_run_pin_on_cpu() in nf_hook_run_bpf().\n\n[0]:\nBUG: assuming non migratable context at ./include/linux/filter.h:703\nin_atomic(): 0, irqs_disabled(): 0, migration_disabled() 0 pid: 5829, name: sshd-session\n3 locks held by sshd-session/5829:\n #0: ffff88807b4e4218 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1667 [inline]\n #0: ffff88807b4e4218 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sendmsg+0x20/0x50 net/ipv4/tcp.c:1395\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: __ip_queue_xmit+0x69/0x26c0 net/ipv4/ip_output.c:470\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: nf_hook+0xb2/0x680 include/linux/netfilter.h:241\nCPU: 0 UID: 0 PID: 5829 Comm: sshd-session Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120\n __cant_migrate kernel/sched/core.c:8860 [inline]\n __cant_migrate+0x1c7/0x250 kernel/sched/core.c:8834\n __bpf_prog_run include/linux/filter.h:703 [inline]\n bpf_prog_run include/linux/filter.h:725 [inline]\n nf_hook_run_bpf+0x83/0x1e0 net/netfilter/nf_bpf_link.c:20\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:623\n nf_hook+0x370/0x680 include/linux/netfilter.h:272\n NF_HOOK_COND include/linux/netfilter.h:305 [inline]\n ip_output+0x1bc/0x2a0 net/ipv4/ip_output.c:433\n dst_output include/net/dst.h:459 [inline]\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n __ip_queue_xmit+0x1d7d/0x26c0 net/ipv4/ip_output.c:527\n __tcp_transmit_skb+0x2686/0x3e90 net/ipv4/tcp_output.c:1479\n tcp_transmit_skb net/ipv4/tcp_output.c:1497 [inline]\n tcp_write_xmit+0x1274/0x84e0 net/ipv4/tcp_output.c:2838\n __tcp_push_pending_frames+0xaf/0x390 net/ipv4/tcp_output.c:3021\n tcp_push+0x225/0x700 net/ipv4/tcp.c:759\n tcp_sendmsg_locked+0x1870/0x42b0 net/ipv4/tcp.c:1359\n tcp_sendmsg+0x2e/0x50 net/ipv4/tcp.c:1396\n inet_sendmsg+0xb9/0x140 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n sock_write_iter+0x4aa/0x5b0 net/socket.c:1131\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x6c7/0x1150 fs/read_write.c:686\n ksys_write+0x1f8/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe7d365d407\nCode: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff\nRSP:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38640",
"url": "https://www.suse.com/security/cve/CVE-2025-38640"
},
{
"category": "external",
"summary": "SUSE Bug 1248622 for CVE-2025-38640",
"url": "https://bugzilla.suse.com/1248622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38640"
},
{
"cve": "CVE-2025-38643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38643"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()\n\nCallers of wdev_chandef() must hold the wiphy mutex.\n\nBut the worker cfg80211_propagate_cac_done_wk() never takes the lock.\nWhich triggers the warning below with the mesh_peer_connected_dfs\ntest from hostapd and not (yet) released mac80211 code changes:\n\nWARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165\nModules linked in:\nCPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 Not tainted 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf\nWorkqueue: cfg80211 cfg80211_propagate_cac_done_wk\nStack:\n 00000000 00000001 ffffff00 6093267c\n 00000000 6002ec30 6d577c50 60037608\n 00000000 67e8d108 6063717b 00000000\nCall Trace:\n [\u003c6002ec30\u003e] ? _printk+0x0/0x98\n [\u003c6003c2b3\u003e] show_stack+0x10e/0x11a\n [\u003c6002ec30\u003e] ? _printk+0x0/0x98\n [\u003c60037608\u003e] dump_stack_lvl+0x71/0xb8\n [\u003c6063717b\u003e] ? wdev_chandef+0x60/0x165\n [\u003c6003766d\u003e] dump_stack+0x1e/0x20\n [\u003c6005d1b7\u003e] __warn+0x101/0x20f\n [\u003c6005d3a8\u003e] warn_slowpath_fmt+0xe3/0x15d\n [\u003c600b0c5c\u003e] ? mark_lock.part.0+0x0/0x4ec\n [\u003c60751191\u003e] ? __this_cpu_preempt_check+0x0/0x16\n [\u003c600b11a2\u003e] ? mark_held_locks+0x5a/0x6e\n [\u003c6005d2c5\u003e] ? warn_slowpath_fmt+0x0/0x15d\n [\u003c60052e53\u003e] ? unblock_signals+0x3a/0xe7\n [\u003c60052f2d\u003e] ? um_set_signals+0x2d/0x43\n [\u003c60751191\u003e] ? __this_cpu_preempt_check+0x0/0x16\n [\u003c607508b2\u003e] ? lock_is_held_type+0x207/0x21f\n [\u003c6063717b\u003e] wdev_chandef+0x60/0x165\n [\u003c605f89b4\u003e] regulatory_propagate_dfs_state+0x247/0x43f\n [\u003c60052f00\u003e] ? um_set_signals+0x0/0x43\n [\u003c605e6bfd\u003e] cfg80211_propagate_cac_done_wk+0x3a/0x4a\n [\u003c6007e460\u003e] process_scheduled_works+0x3bc/0x60e\n [\u003c6007d0ec\u003e] ? move_linked_works+0x4d/0x81\n [\u003c6007d120\u003e] ? assign_work+0x0/0xaa\n [\u003c6007f81f\u003e] worker_thread+0x220/0x2dc\n [\u003c600786ef\u003e] ? set_pf_worker+0x0/0x57\n [\u003c60087c96\u003e] ? to_kthread+0x0/0x43\n [\u003c6008ab3c\u003e] kthread+0x2d3/0x2e2\n [\u003c6007f5ff\u003e] ? worker_thread+0x0/0x2dc\n [\u003c6006c05b\u003e] ? calculate_sigpending+0x0/0x56\n [\u003c6003b37d\u003e] new_thread_handler+0x4a/0x64\nirq event stamp: 614611\nhardirqs last enabled at (614621): [\u003c00000000600bc96b\u003e] __up_console_sem+0x82/0xaf\nhardirqs last disabled at (614630): [\u003c00000000600bc92c\u003e] __up_console_sem+0x43/0xaf\nsoftirqs last enabled at (614268): [\u003c00000000606c55c6\u003e] __ieee80211_wake_queue+0x933/0x985\nsoftirqs last disabled at (614266): [\u003c00000000606c52d6\u003e] __ieee80211_wake_queue+0x643/0x985",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38643",
"url": "https://www.suse.com/security/cve/CVE-2025-38643"
},
{
"category": "external",
"summary": "SUSE Bug 1248681 for CVE-2025-38643",
"url": "https://bugzilla.suse.com/1248681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38643"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Check device memory pointer before usage\n\nAdd a NULL check before accessing device memory to prevent a crash if\ndev-\u003edm allocation in mlx5_init_once() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38645",
"url": "https://www.suse.com/security/cve/CVE-2025-38645"
},
{
"category": "external",
"summary": "SUSE Bug 1248626 for CVE-2025-38645",
"url": "https://bugzilla.suse.com/1248626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38645"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: No more self recovery\n\nWhen a node withdraws and it turns out that it is the only node that has\nthe filesystem mounted, gfs2 currently tries to replay the local journal\nto bring the filesystem back into a consistent state. Not only is that\na very bad idea, it has also never worked because gfs2_recover_func()\nwill refuse to do anything during a withdraw.\n\nHowever, before even getting to this point, gfs2_recover_func()\ndereferences sdp-\u003esd_jdesc-\u003ejd_inode. This was a use-after-free before\ncommit 04133b607a78 (\"gfs2: Prevent double iput for journal on error\")\nand is a NULL pointer dereference since then.\n\nSimply get rid of self recovery to fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38659",
"url": "https://www.suse.com/security/cve/CVE-2025-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1248639 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "external",
"summary": "SUSE Bug 1248759 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38659"
},
{
"cve": "CVE-2025-38660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n[ceph] parse_longname(): strrchr() expects NUL-terminated string\n\n... and parse_longname() is not guaranteed that. That\u0027s the reason\nwhy it uses kmemdup_nul() to build the argument for kstrtou64();\nthe problem is, kstrtou64() is not the only thing that need it.\n\nJust get a NUL-terminated copy of the entire thing and be done\nwith that...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38660",
"url": "https://www.suse.com/security/cve/CVE-2025-38660"
},
{
"category": "external",
"summary": "SUSE Bug 1248634 for CVE-2025-38660",
"url": "https://bugzilla.suse.com/1248634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38660"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix a null pointer dereference in ice_copy_and_init_pkg()\n\nAdd check for the return value of devm_kmemdup()\nto prevent potential null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38664",
"url": "https://www.suse.com/security/cve/CVE-2025-38664"
},
{
"category": "external",
"summary": "SUSE Bug 1248628 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "external",
"summary": "SUSE Bug 1248631 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38664"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: fix NULL dereference on unbind due to stale coupling data\n\nFailing to reset coupling_desc.n_coupled after freeing coupled_rdevs can\nlead to NULL pointer dereference when regulators are accessed post-unbind.\n\nThis can happen during runtime PM or other regulator operations that rely\non coupling metadata.\n\nFor example, on ridesx4, unbinding the \u0027reg-dummy\u0027 platform device triggers\na panic in regulator_lock_recursive() due to stale coupling state.\n\nEnsure n_coupled is set to 0 to prevent access to invalid pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38668",
"url": "https://www.suse.com/security/cve/CVE-2025-38668"
},
{
"category": "external",
"summary": "SUSE Bug 1248647 for CVE-2025-38668",
"url": "https://bugzilla.suse.com/1248647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38668"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
},
{
"cve": "CVE-2025-38676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Avoid stack buffer overflow from kernel cmdline\n\nWhile the kernel command line is considered trusted in most environments,\navoid writing 1 byte past the end of \"acpiid\" if the \"str\" argument is\nmaximum length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38676",
"url": "https://www.suse.com/security/cve/CVE-2025-38676"
},
{
"category": "external",
"summary": "SUSE Bug 1248775 for CVE-2025-38676",
"url": "https://bugzilla.suse.com/1248775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38676"
},
{
"cve": "CVE-2025-38678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject duplicate device on updates\n\nA chain/flowtable update with duplicated devices in the same batch is\npossible. Unfortunately, netdev event path only removes the first\ndevice that is found, leaving unregistered the hook of the duplicated\ndevice.\n\nCheck if a duplicated device exists in the transaction batch, bail out\nwith EEXIST in such case.\n\nWARNING is hit when unregistering the hook:\n\n [49042.221275] WARNING: CPU: 4 PID: 8425 at net/netfilter/core.c:340 nf_hook_entry_head+0xaa/0x150\n [49042.221375] CPU: 4 UID: 0 PID: 8425 Comm: nft Tainted: G S 6.16.0+ #170 PREEMPT(full)\n [...]\n [49042.221382] RIP: 0010:nf_hook_entry_head+0xaa/0x150",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38678",
"url": "https://www.suse.com/security/cve/CVE-2025-38678"
},
{
"category": "external",
"summary": "SUSE Bug 1249126 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "external",
"summary": "SUSE Bug 1249534 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38678"
},
{
"cve": "CVE-2025-38679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: Fix OOB read due to missing payload bound check\n\nCurrently, The event_seq_changed() handler processes a variable number\nof properties sent by the firmware. The number of properties is indicated\nby the firmware and used to iterate over the payload. However, the\npayload size is not being validated against the actual message length.\n\nThis can lead to out-of-bounds memory access if the firmware provides a\nproperty count that exceeds the data available in the payload. Such a\ncondition can result in kernel crashes or potential information leaks if\nmemory beyond the buffer is accessed.\n\nFix this by properly validating the remaining size of the payload before\neach property access and updating bounds accordingly as properties are\nparsed.\n\nThis ensures that property parsing is safely bounded within the received\nmessage buffer and protects against malformed or malicious firmware\nbehavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38679",
"url": "https://www.suse.com/security/cve/CVE-2025-38679"
},
{
"category": "external",
"summary": "SUSE Bug 1249202 for CVE-2025-38679",
"url": "https://bugzilla.suse.com/1249202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38679"
},
{
"cve": "CVE-2025-38680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()\n\nThe buffer length check before calling uvc_parse_format() only ensured\nthat the buffer has at least 3 bytes (buflen \u003e 2), buf the function\naccesses buffer[3], requiring at least 4 bytes.\n\nThis can lead to an out-of-bounds read if the buffer has exactly 3 bytes.\n\nFix it by checking that the buffer has at least 4 bytes in\nuvc_parse_format().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38680",
"url": "https://www.suse.com/security/cve/CVE-2025-38680"
},
{
"category": "external",
"summary": "SUSE Bug 1249203 for CVE-2025-38680",
"url": "https://bugzilla.suse.com/1249203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38680"
},
{
"cve": "CVE-2025-38681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()\n\nMemory hot remove unmaps and tears down various kernel page table regions\nas required. The ptdump code can race with concurrent modifications of\nthe kernel page tables. When leaf entries are modified concurrently, the\ndump code may log stale or inconsistent information for a VA range, but\nthis is otherwise not harmful.\n\nBut when intermediate levels of kernel page table are freed, the dump code\nwill continue to use memory that has been freed and potentially\nreallocated for another purpose. In such cases, the ptdump code may\ndereference bogus addresses, leading to a number of potential problems.\n\nTo avoid the above mentioned race condition, platforms such as arm64,\nriscv and s390 take memory hotplug lock, while dumping kernel page table\nvia the sysfs interface /sys/kernel/debug/kernel_page_tables.\n\nSimilar race condition exists while checking for pages that might have\nbeen marked W+X via /sys/kernel/debug/kernel_page_tables/check_wx_pages\nwhich in turn calls ptdump_check_wx(). Instead of solving this race\ncondition again, let\u0027s just move the memory hotplug lock inside generic\nptdump_check_wx() which will benefit both the scenarios.\n\nDrop get_online_mems() and put_online_mems() combination from all existing\nplatform ptdump code paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38681",
"url": "https://www.suse.com/security/cve/CVE-2025-38681"
},
{
"category": "external",
"summary": "SUSE Bug 1249204 for CVE-2025-38681",
"url": "https://bugzilla.suse.com/1249204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38681"
},
{
"cve": "CVE-2025-38683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhv_netvsc: Fix panic during namespace deletion with VF\n\nThe existing code move the VF NIC to new namespace when NETDEV_REGISTER is\nreceived on netvsc NIC. During deletion of the namespace,\ndefault_device_exit_batch() \u003e\u003e default_device_exit_net() is called. When\nnetvsc NIC is moved back and registered to the default namespace, it\nautomatically brings VF NIC back to the default namespace. This will cause\nthe default_device_exit_net() \u003e\u003e for_each_netdev_safe loop unable to detect\nthe list end, and hit NULL ptr:\n\n[ 231.449420] mana 7870:00:00.0 enP30832s1: Moved VF to namespace with: eth0\n[ 231.449656] BUG: kernel NULL pointer dereference, address: 0000000000000010\n[ 231.450246] #PF: supervisor read access in kernel mode\n[ 231.450579] #PF: error_code(0x0000) - not-present page\n[ 231.450916] PGD 17b8a8067 P4D 0\n[ 231.451163] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 231.451450] CPU: 82 UID: 0 PID: 1394 Comm: kworker/u768:1 Not tainted 6.16.0-rc4+ #3 VOLUNTARY\n[ 231.452042] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 231.452692] Workqueue: netns cleanup_net\n[ 231.452947] RIP: 0010:default_device_exit_batch+0x16c/0x3f0\n[ 231.453326] Code: c0 0c f5 b3 e8 d5 db fe ff 48 85 c0 74 15 48 c7 c2 f8 fd ca b2 be 10 00 00 00 48 8d 7d c0 e8 7b 77 25 00 49 8b 86 28 01 00 00 \u003c48\u003e 8b 50 10 4c 8b 2a 4c 8d 62 f0 49 83 ed 10 4c 39 e0 0f 84 d6 00\n[ 231.454294] RSP: 0018:ff75fc7c9bf9fd00 EFLAGS: 00010246\n[ 231.454610] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 61c8864680b583eb\n[ 231.455094] RDX: ff1fa9f71462d800 RSI: ff75fc7c9bf9fd38 RDI: 0000000030766564\n[ 231.455686] RBP: ff75fc7c9bf9fd78 R08: 0000000000000000 R09: 0000000000000000\n[ 231.456126] R10: 0000000000000001 R11: 0000000000000004 R12: ff1fa9f70088e340\n[ 231.456621] R13: ff1fa9f70088e340 R14: ffffffffb3f50c20 R15: ff1fa9f7103e6340\n[ 231.457161] FS: 0000000000000000(0000) GS:ff1faa6783a08000(0000) knlGS:0000000000000000\n[ 231.457707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 231.458031] CR2: 0000000000000010 CR3: 0000000179ab2006 CR4: 0000000000b73ef0\n[ 231.458434] Call Trace:\n[ 231.458600] \u003cTASK\u003e\n[ 231.458777] ops_undo_list+0x100/0x220\n[ 231.459015] cleanup_net+0x1b8/0x300\n[ 231.459285] process_one_work+0x184/0x340\n\nTo fix it, move the ns change to a workqueue, and take rtnl_lock to avoid\nchanging the netdev list when default_device_exit_net() is using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38683",
"url": "https://www.suse.com/security/cve/CVE-2025-38683"
},
{
"category": "external",
"summary": "SUSE Bug 1249159 for CVE-2025-38683",
"url": "https://bugzilla.suse.com/1249159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38683"
},
{
"cve": "CVE-2025-38684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: use old \u0027nbands\u0027 while purging unused classes\n\nShuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify()\nafter recent changes from Lion [2]. The problem is: in ets_qdisc_change()\nwe purge unused DWRR queues; the value of \u0027q-\u003enbands\u0027 is the new one, and\nthe cleanup should be done with the old one. The problem is here since my\nfirst attempts to fix ets_qdisc_change(), but it surfaced again after the\nrecent qdisc len accounting fixes. Fix it purging idle DWRR queues before\nassigning a new value of \u0027q-\u003enbands\u0027, so that all purge operations find a\nconsistent configuration:\n\n - old \u0027q-\u003enbands\u0027 because it\u0027s needed by ets_class_find()\n - old \u0027q-\u003enstrict\u0027 because it\u0027s needed by ets_class_is_strict()\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 62 UID: 0 PID: 39457 Comm: tc Kdump: loaded Not tainted 6.12.0-116.el10.x86_64 #1 PREEMPT(voluntary)\n Hardware name: Dell Inc. PowerEdge R640/06DKY5, BIOS 2.12.2 07/09/2021\n RIP: 0010:__list_del_entry_valid_or_report+0x4/0x80\n Code: ff 4c 39 c7 0f 84 39 19 8e ff b8 01 00 00 00 c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c48\u003e 8b 17 48 8b 4f 08 48 85 d2 0f 84 56 19 8e ff 48 85 c9 0f 84 ab\n RSP: 0018:ffffba186009f400 EFLAGS: 00010202\n RAX: 00000000000000d6 RBX: 0000000000000000 RCX: 0000000000000004\n RDX: ffff9f0fa29b69c0 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffffffc12c2400 R08: 0000000000000008 R09: 0000000000000004\n R10: ffffffffffffffff R11: 0000000000000004 R12: 0000000000000000\n R13: ffff9f0f8cfe0000 R14: 0000000000100005 R15: 0000000000000000\n FS: 00007f2154f37480(0000) GS:ffff9f269c1c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 00000001530be001 CR4: 00000000007726f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ets_class_qlen_notify+0x65/0x90 [sch_ets]\n qdisc_tree_reduce_backlog+0x74/0x110\n ets_qdisc_change+0x630/0xa40 [sch_ets]\n __tc_modify_qdisc.constprop.0+0x216/0x7f0\n tc_modify_qdisc+0x7c/0x120\n rtnetlink_rcv_msg+0x145/0x3f0\n netlink_rcv_skb+0x53/0x100\n netlink_unicast+0x245/0x390\n netlink_sendmsg+0x21b/0x470\n ____sys_sendmsg+0x39d/0x3d0\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xd0\n do_syscall_64+0x7d/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f2155114084\n Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d 25 f0 0c 00 00 74 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\n RSP: 002b:00007fff1fd7a988 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000560ec063e5e0 RCX: 00007f2155114084\n RDX: 0000000000000000 RSI: 00007fff1fd7a9f0 RDI: 0000000000000003\n RBP: 00007fff1fd7aa60 R08: 0000000000000010 R09: 000000000000003f\n R10: 0000560ee9b3a010 R11: 0000000000000202 R12: 00007fff1fd7aae0\n R13: 000000006891ccde R14: 0000560ec063e5e0 R15: 00007fff1fd7aad0\n \u003c/TASK\u003e\n\n [1] https://lore.kernel.org/netdev/e08c7f4a6882f260011909a868311c6e9b54f3e4.1639153474.git.dcaratti@redhat.com/\n [2] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38684",
"url": "https://www.suse.com/security/cve/CVE-2025-38684"
},
{
"category": "external",
"summary": "SUSE Bug 1249156 for CVE-2025-38684",
"url": "https://bugzilla.suse.com/1249156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38684"
},
{
"cve": "CVE-2025-38685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38685"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix vmalloc out-of-bounds write in fast_imageblit\n\nThis issue triggers when a userspace program does an ioctl\nFBIOPUT_CON2FBMAP by passing console number and frame buffer number.\nIdeally this maps console to frame buffer and updates the screen if\nconsole is visible.\n\nAs part of mapping it has to do resize of console according to frame\nbuffer info. if this resize fails and returns from vc_do_resize() and\ncontinues further. At this point console and new frame buffer are mapped\nand sets display vars. Despite failure still it continue to proceed\nupdating the screen at later stages where vc_data is related to previous\nframe buffer and frame buffer info and display vars are mapped to new\nframe buffer and eventully leading to out-of-bounds write in\nfast_imageblit(). This bheviour is excepted only when fg_console is\nequal to requested console which is a visible console and updates screen\nwith invalid struct references in fbcon_putcs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38685",
"url": "https://www.suse.com/security/cve/CVE-2025-38685"
},
{
"category": "external",
"summary": "SUSE Bug 1249220 for CVE-2025-38685",
"url": "https://bugzilla.suse.com/1249220"
},
{
"category": "external",
"summary": "SUSE Bug 1249240 for CVE-2025-38685",
"url": "https://bugzilla.suse.com/1249240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38685"
},
{
"cve": "CVE-2025-38687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: fix race between polling and detaching\n\nsyzbot reports a use-after-free in comedi in the below link, which is\ndue to comedi gladly removing the allocated async area even though poll\nrequests are still active on the wait_queue_head inside of it. This can\ncause a use-after-free when the poll entries are later triggered or\nremoved, as the memory for the wait_queue_head has been freed. We need\nto check there are no tasks queued on any of the subdevices\u0027 wait queues\nbefore allowing the device to be detached by the `COMEDI_DEVCONFIG`\nioctl.\n\nTasks will read-lock `dev-\u003eattach_lock` before adding themselves to the\nsubdevice wait queue, so fix the problem in the `COMEDI_DEVCONFIG` ioctl\nhandler by write-locking `dev-\u003eattach_lock` before checking that all of\nthe subdevices are safe to be deleted. This includes testing for any\nsleepers on the subdevices\u0027 wait queues. It remains locked until the\ndevice has been detached. This requires the `comedi_device_detach()`\nfunction to be refactored slightly, moving the bulk of it into new\nfunction `comedi_device_detach_locked()`.\n\nNote that the refactor of `comedi_device_detach()` results in\n`comedi_device_cancel_all()` now being called while `dev-\u003eattach_lock`\nis write-locked, which wasn\u0027t the case previously, but that does not\nmatter.\n\nThanks to Jens Axboe for diagnosing the problem and co-developing this\npatch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38687",
"url": "https://www.suse.com/security/cve/CVE-2025-38687"
},
{
"category": "external",
"summary": "SUSE Bug 1249177 for CVE-2025-38687",
"url": "https://bugzilla.suse.com/1249177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38687"
},
{
"cve": "CVE-2025-38691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npNFS: Fix uninited ptr deref in block/scsi layout\n\nThe error occurs on the third attempt to encode extents. When function\next_tree_prepare_commit() reallocates a larger buffer to retry encoding\nextents, the \"layoutupdate_pages\" page array is initialized only after the\nretry loop. But ext_tree_free_commitdata() is called on every iteration\nand tries to put pages in the array, thus dereferencing uninitialized\npointers.\n\nAn additional problem is that there is no limit on the maximum possible\nbuffer_size. When there are too many extents, the client may create a\nlayoutcommit that is larger than the maximum possible RPC size accepted\nby the server.\n\nDuring testing, we observed two typical scenarios. First, one memory page\nfor extents is enough when we work with small files, append data to the\nend of the file, or preallocate extents before writing. But when we fill\na new large file without preallocating, the number of extents can be huge,\nand counting the number of written extents in ext_tree_encode_commit()\ndoes not help much. Since this number increases even more between\nunlocking and locking of ext_tree, the reallocated buffer may not be\nlarge enough again and again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38691",
"url": "https://www.suse.com/security/cve/CVE-2025-38691"
},
{
"category": "external",
"summary": "SUSE Bug 1249215 for CVE-2025-38691",
"url": "https://bugzilla.suse.com/1249215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38691"
},
{
"cve": "CVE-2025-38692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: add cluster chain loop check for dir\n\nAn infinite loop may occur if the following conditions occur due to\nfile system corruption.\n\n(1) Condition for exfat_count_dir_entries() to loop infinitely.\n - The cluster chain includes a loop.\n - There is no UNUSED entry in the cluster chain.\n\n(2) Condition for exfat_create_upcase_table() to loop infinitely.\n - The cluster chain of the root directory includes a loop.\n - There are no UNUSED entry and up-case table entry in the cluster\n chain of the root directory.\n\n(3) Condition for exfat_load_bitmap() to loop infinitely.\n - The cluster chain of the root directory includes a loop.\n - There are no UNUSED entry and bitmap entry in the cluster chain\n of the root directory.\n\n(4) Condition for exfat_find_dir_entry() to loop infinitely.\n - The cluster chain includes a loop.\n - The unused directory entries were exhausted by some operation.\n\n(5) Condition for exfat_check_dir_empty() to loop infinitely.\n - The cluster chain includes a loop.\n - The unused directory entries were exhausted by some operation.\n - All files and sub-directories under the directory are deleted.\n\nThis commit adds checks to break the above infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38692",
"url": "https://www.suse.com/security/cve/CVE-2025-38692"
},
{
"category": "external",
"summary": "SUSE Bug 1249221 for CVE-2025-38692",
"url": "https://bugzilla.suse.com/1249221"
},
{
"category": "external",
"summary": "SUSE Bug 1249239 for CVE-2025-38692",
"url": "https://bugzilla.suse.com/1249239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38692"
},
{
"cve": "CVE-2025-38693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar\n\nIn w7090p_tuner_write_serpar, msg is controlled by user. When msg[0].buf is null and msg[0].len is zero, former checks on msg[0].buf would be passed. If accessing msg[0].buf[2] without sanity check, null pointer deref would happen. We add\ncheck on msg[0].len to prevent crash.\n\nSimilar commit: commit 0ed554fd769a (\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38693",
"url": "https://www.suse.com/security/cve/CVE-2025-38693"
},
{
"category": "external",
"summary": "SUSE Bug 1249190 for CVE-2025-38693",
"url": "https://bugzilla.suse.com/1249190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38693"
},
{
"cve": "CVE-2025-38694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38694"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()\n\nIn dib7090p_rw_on_apb, msg is controlled by user. When msg[0].buf is null and\nmsg[0].len is zero, former checks on msg[0].buf would be passed. If accessing\nmsg[0].buf[2] without sanity check, null pointer deref would happen. We add\ncheck on msg[0].len to prevent crash. Similar issue occurs when access\nmsg[1].buf[0] and msg[1].buf[1].\n\nSimilar commit: commit 0ed554fd769a (\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38694",
"url": "https://www.suse.com/security/cve/CVE-2025-38694"
},
{
"category": "external",
"summary": "SUSE Bug 1249272 for CVE-2025-38694",
"url": "https://bugzilla.suse.com/1249272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38694"
},
{
"cve": "CVE-2025-38695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure\n\nIf a call to lpfc_sli4_read_rev() from lpfc_sli4_hba_setup() fails, the\nresultant cleanup routine lpfc_sli4_vport_delete_fcp_xri_aborted() may\noccur before sli4_hba.hdwqs are allocated. This may result in a null\npointer dereference when attempting to take the abts_io_buf_list_lock for\nthe first hardware queue. Fix by adding a null ptr check on\nphba-\u003esli4_hba.hdwq and early return because this situation means there\nmust have been an error during port initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38695",
"url": "https://www.suse.com/security/cve/CVE-2025-38695"
},
{
"category": "external",
"summary": "SUSE Bug 1249285 for CVE-2025-38695",
"url": "https://bugzilla.suse.com/1249285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38695"
},
{
"cve": "CVE-2025-38697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: upper bound check of tree index in dbAllocAG\n\nWhen computing the tree index in dbAllocAG, we never check if we are\nout of bounds realative to the size of the stree.\nThis could happen in a scenario where the filesystem metadata are\ncorrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38697",
"url": "https://www.suse.com/security/cve/CVE-2025-38697"
},
{
"category": "external",
"summary": "SUSE Bug 1249257 for CVE-2025-38697",
"url": "https://bugzilla.suse.com/1249257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38697"
},
{
"cve": "CVE-2025-38698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Regular file corruption check\n\nThe reproducer builds a corrupted file on disk with a negative i_size value.\nAdd a check when opening this file to avoid subsequent operation failures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38698",
"url": "https://www.suse.com/security/cve/CVE-2025-38698"
},
{
"category": "external",
"summary": "SUSE Bug 1249255 for CVE-2025-38698",
"url": "https://bugzilla.suse.com/1249255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-38698"
},
{
"cve": "CVE-2025-38701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: do not BUG when INLINE_DATA_FL lacks system.data xattr\n\nA syzbot fuzzed image triggered a BUG_ON in ext4_update_inline_data()\nwhen an inode had the INLINE_DATA_FL flag set but was missing the\nsystem.data extended attribute.\n\nSince this can happen due to a maiciouly fuzzed file system, we\nshouldn\u0027t BUG, but rather, report it as a corrupted file system.\n\nAdd similar replacements of BUG_ON with EXT4_ERROR_INODE() ii\next4_create_inline_data() and ext4_inline_data_truncate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38701",
"url": "https://www.suse.com/security/cve/CVE-2025-38701"
},
{
"category": "external",
"summary": "SUSE Bug 1249258 for CVE-2025-38701",
"url": "https://bugzilla.suse.com/1249258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38701"
},
{
"cve": "CVE-2025-38702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fix potential buffer overflow in do_register_framebuffer()\n\nThe current implementation may lead to buffer overflow when:\n1. Unregistration creates NULL gaps in registered_fb[]\n2. All array slots become occupied despite num_registered_fb \u003c FB_MAX\n3. The registration loop exceeds array bounds\n\nAdd boundary check to prevent registered_fb[FB_MAX] access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38702",
"url": "https://www.suse.com/security/cve/CVE-2025-38702"
},
{
"category": "external",
"summary": "SUSE Bug 1249254 for CVE-2025-38702",
"url": "https://bugzilla.suse.com/1249254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38702"
},
{
"cve": "CVE-2025-38705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix null pointer access\n\nWriting a string without delimiters (\u0027 \u0027, \u0027\\n\u0027, \u0027\\0\u0027) to the under\ngpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile\nwill result in a null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38705",
"url": "https://www.suse.com/security/cve/CVE-2025-38705"
},
{
"category": "external",
"summary": "SUSE Bug 1249334 for CVE-2025-38705",
"url": "https://bugzilla.suse.com/1249334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38705"
},
{
"cve": "CVE-2025-38706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()\n\nsnd_soc_remove_pcm_runtime() might be called with rtd == NULL which will\nleads to null pointer dereference.\nThis was reproduced with topology loading and marking a link as ignore\ndue to missing hardware component on the system.\nOn module removal the soc_tplg_remove_link() would call\nsnd_soc_remove_pcm_runtime() with rtd == NULL since the link was ignored,\nno runtime was created.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38706",
"url": "https://www.suse.com/security/cve/CVE-2025-38706"
},
{
"category": "external",
"summary": "SUSE Bug 1249195 for CVE-2025-38706",
"url": "https://bugzilla.suse.com/1249195"
},
{
"category": "external",
"summary": "SUSE Bug 1250193 for CVE-2025-38706",
"url": "https://bugzilla.suse.com/1250193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38706"
},
{
"cve": "CVE-2025-38709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38709"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: Avoid updating block size under exclusive owner\n\nSyzbot came up with a reproducer where a loop device block size is\nchanged underneath a mounted filesystem. This causes a mismatch between\nthe block device block size and the block size stored in the superblock\ncausing confusion in various places such as fs/buffer.c. The particular\nissue triggered by syzbot was a warning in __getblk_slow() due to\nrequested buffer size not matching block device block size.\n\nFix the problem by getting exclusive hold of the loop device to change\nits block size. This fails if somebody (such as filesystem) has already\nan exclusive ownership of the block device and thus prevents modifying\nthe loop device under some exclusive owner which doesn\u0027t expect it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38709",
"url": "https://www.suse.com/security/cve/CVE-2025-38709"
},
{
"category": "external",
"summary": "SUSE Bug 1249199 for CVE-2025-38709",
"url": "https://bugzilla.suse.com/1249199"
},
{
"category": "external",
"summary": "SUSE Bug 1249535 for CVE-2025-38709",
"url": "https://bugzilla.suse.com/1249535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38709"
},
{
"cve": "CVE-2025-38712",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38712"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t use BUG_ON() in hfsplus_create_attributes_file()\n\nWhen the volume header contains erroneous values that do not reflect\nthe actual state of the filesystem, hfsplus_fill_super() assumes that\nthe attributes file is not yet created, which later results in hitting\nBUG_ON() when hfsplus_create_attributes_file() is called. Replace this\nBUG_ON() with -EIO error with a message to suggest running fsck tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38712",
"url": "https://www.suse.com/security/cve/CVE-2025-38712"
},
{
"category": "external",
"summary": "SUSE Bug 1249194 for CVE-2025-38712",
"url": "https://bugzilla.suse.com/1249194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38712"
},
{
"cve": "CVE-2025-38713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()\n\nThe hfsplus_readdir() method is capable to crash by calling\nhfsplus_uni2asc():\n\n[ 667.121659][ T9805] ==================================================================\n[ 667.122651][ T9805] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x902/0xa10\n[ 667.123627][ T9805] Read of size 2 at addr ffff88802592f40c by task repro/9805\n[ 667.124578][ T9805]\n[ 667.124876][ T9805] CPU: 3 UID: 0 PID: 9805 Comm: repro Not tainted 6.16.0-rc3 #1 PREEMPT(full)\n[ 667.124886][ T9805] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 667.124890][ T9805] Call Trace:\n[ 667.124893][ T9805] \u003cTASK\u003e\n[ 667.124896][ T9805] dump_stack_lvl+0x10e/0x1f0\n[ 667.124911][ T9805] print_report+0xd0/0x660\n[ 667.124920][ T9805] ? __virt_addr_valid+0x81/0x610\n[ 667.124928][ T9805] ? __phys_addr+0xe8/0x180\n[ 667.124934][ T9805] ? hfsplus_uni2asc+0x902/0xa10\n[ 667.124942][ T9805] kasan_report+0xc6/0x100\n[ 667.124950][ T9805] ? hfsplus_uni2asc+0x902/0xa10\n[ 667.124959][ T9805] hfsplus_uni2asc+0x902/0xa10\n[ 667.124966][ T9805] ? hfsplus_bnode_read+0x14b/0x360\n[ 667.124974][ T9805] hfsplus_readdir+0x845/0xfc0\n[ 667.124984][ T9805] ? __pfx_hfsplus_readdir+0x10/0x10\n[ 667.124994][ T9805] ? stack_trace_save+0x8e/0xc0\n[ 667.125008][ T9805] ? iterate_dir+0x18b/0xb20\n[ 667.125015][ T9805] ? trace_lock_acquire+0x85/0xd0\n[ 667.125022][ T9805] ? lock_acquire+0x30/0x80\n[ 667.125029][ T9805] ? iterate_dir+0x18b/0xb20\n[ 667.125037][ T9805] ? down_read_killable+0x1ed/0x4c0\n[ 667.125044][ T9805] ? putname+0x154/0x1a0\n[ 667.125051][ T9805] ? __pfx_down_read_killable+0x10/0x10\n[ 667.125058][ T9805] ? apparmor_file_permission+0x239/0x3e0\n[ 667.125069][ T9805] iterate_dir+0x296/0xb20\n[ 667.125076][ T9805] __x64_sys_getdents64+0x13c/0x2c0\n[ 667.125084][ T9805] ? __pfx___x64_sys_getdents64+0x10/0x10\n[ 667.125091][ T9805] ? __x64_sys_openat+0x141/0x200\n[ 667.125126][ T9805] ? __pfx_filldir64+0x10/0x10\n[ 667.125134][ T9805] ? do_user_addr_fault+0x7fe/0x12f0\n[ 667.125143][ T9805] do_syscall_64+0xc9/0x480\n[ 667.125151][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 667.125158][ T9805] RIP: 0033:0x7fa8753b2fc9\n[ 667.125164][ T9805] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 48\n[ 667.125172][ T9805] RSP: 002b:00007ffe96f8e0f8 EFLAGS: 00000217 ORIG_RAX: 00000000000000d9\n[ 667.125181][ T9805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa8753b2fc9\n[ 667.125185][ T9805] RDX: 0000000000000400 RSI: 00002000000063c0 RDI: 0000000000000004\n[ 667.125190][ T9805] RBP: 00007ffe96f8e110 R08: 00007ffe96f8e110 R09: 00007ffe96f8e110\n[ 667.125195][ T9805] R10: 0000000000000000 R11: 0000000000000217 R12: 0000556b1e3b4260\n[ 667.125199][ T9805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 667.125207][ T9805] \u003c/TASK\u003e\n[ 667.125210][ T9805]\n[ 667.145632][ T9805] Allocated by task 9805:\n[ 667.145991][ T9805] kasan_save_stack+0x20/0x40\n[ 667.146352][ T9805] kasan_save_track+0x14/0x30\n[ 667.146717][ T9805] __kasan_kmalloc+0xaa/0xb0\n[ 667.147065][ T9805] __kmalloc_noprof+0x205/0x550\n[ 667.147448][ T9805] hfsplus_find_init+0x95/0x1f0\n[ 667.147813][ T9805] hfsplus_readdir+0x220/0xfc0\n[ 667.148174][ T9805] iterate_dir+0x296/0xb20\n[ 667.148549][ T9805] __x64_sys_getdents64+0x13c/0x2c0\n[ 667.148937][ T9805] do_syscall_64+0xc9/0x480\n[ 667.149291][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 667.149809][ T9805]\n[ 667.150030][ T9805] The buggy address belongs to the object at ffff88802592f000\n[ 667.150030][ T9805] which belongs to the cache kmalloc-2k of size 2048\n[ 667.151282][ T9805] The buggy address is located 0 bytes to the right of\n[ 667.151282][ T9805] allocated 1036-byte region [ffff88802592f000, ffff88802592f40c)\n[ 667.1\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38713",
"url": "https://www.suse.com/security/cve/CVE-2025-38713"
},
{
"category": "external",
"summary": "SUSE Bug 1249200 for CVE-2025-38713",
"url": "https://bugzilla.suse.com/1249200"
},
{
"category": "external",
"summary": "SUSE Bug 1249738 for CVE-2025-38713",
"url": "https://bugzilla.suse.com/1249738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38713"
},
{
"cve": "CVE-2025-38714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()\n\nThe hfsplus_bnode_read() method can trigger the issue:\n\n[ 174.852007][ T9784] ==================================================================\n[ 174.852709][ T9784] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x2f4/0x360\n[ 174.853412][ T9784] Read of size 8 at addr ffff88810b5fc6c0 by task repro/9784\n[ 174.854059][ T9784]\n[ 174.854272][ T9784] CPU: 1 UID: 0 PID: 9784 Comm: repro Not tainted 6.16.0-rc3 #7 PREEMPT(full)\n[ 174.854281][ T9784] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 174.854286][ T9784] Call Trace:\n[ 174.854289][ T9784] \u003cTASK\u003e\n[ 174.854292][ T9784] dump_stack_lvl+0x10e/0x1f0\n[ 174.854305][ T9784] print_report+0xd0/0x660\n[ 174.854315][ T9784] ? __virt_addr_valid+0x81/0x610\n[ 174.854323][ T9784] ? __phys_addr+0xe8/0x180\n[ 174.854330][ T9784] ? hfsplus_bnode_read+0x2f4/0x360\n[ 174.854337][ T9784] kasan_report+0xc6/0x100\n[ 174.854346][ T9784] ? hfsplus_bnode_read+0x2f4/0x360\n[ 174.854354][ T9784] hfsplus_bnode_read+0x2f4/0x360\n[ 174.854362][ T9784] hfsplus_bnode_dump+0x2ec/0x380\n[ 174.854370][ T9784] ? __pfx_hfsplus_bnode_dump+0x10/0x10\n[ 174.854377][ T9784] ? hfsplus_bnode_write_u16+0x83/0xb0\n[ 174.854385][ T9784] ? srcu_gp_start+0xd0/0x310\n[ 174.854393][ T9784] ? __mark_inode_dirty+0x29e/0xe40\n[ 174.854402][ T9784] hfsplus_brec_remove+0x3d2/0x4e0\n[ 174.854411][ T9784] __hfsplus_delete_attr+0x290/0x3a0\n[ 174.854419][ T9784] ? __pfx_hfs_find_1st_rec_by_cnid+0x10/0x10\n[ 174.854427][ T9784] ? __pfx___hfsplus_delete_attr+0x10/0x10\n[ 174.854436][ T9784] ? __asan_memset+0x23/0x50\n[ 174.854450][ T9784] hfsplus_delete_all_attrs+0x262/0x320\n[ 174.854459][ T9784] ? __pfx_hfsplus_delete_all_attrs+0x10/0x10\n[ 174.854469][ T9784] ? rcu_is_watching+0x12/0xc0\n[ 174.854476][ T9784] ? __mark_inode_dirty+0x29e/0xe40\n[ 174.854483][ T9784] hfsplus_delete_cat+0x845/0xde0\n[ 174.854493][ T9784] ? __pfx_hfsplus_delete_cat+0x10/0x10\n[ 174.854507][ T9784] hfsplus_unlink+0x1ca/0x7c0\n[ 174.854516][ T9784] ? __pfx_hfsplus_unlink+0x10/0x10\n[ 174.854525][ T9784] ? down_write+0x148/0x200\n[ 174.854532][ T9784] ? __pfx_down_write+0x10/0x10\n[ 174.854540][ T9784] vfs_unlink+0x2fe/0x9b0\n[ 174.854549][ T9784] do_unlinkat+0x490/0x670\n[ 174.854557][ T9784] ? __pfx_do_unlinkat+0x10/0x10\n[ 174.854565][ T9784] ? __might_fault+0xbc/0x130\n[ 174.854576][ T9784] ? getname_flags.part.0+0x1c5/0x550\n[ 174.854584][ T9784] __x64_sys_unlink+0xc5/0x110\n[ 174.854592][ T9784] do_syscall_64+0xc9/0x480\n[ 174.854600][ T9784] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 174.854608][ T9784] RIP: 0033:0x7f6fdf4c3167\n[ 174.854614][ T9784] Code: f0 ff ff 73 01 c3 48 8b 0d 26 0d 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 08\n[ 174.854622][ T9784] RSP: 002b:00007ffcb948bca8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057\n[ 174.854630][ T9784] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6fdf4c3167\n[ 174.854636][ T9784] RDX: 00007ffcb948bcc0 RSI: 00007ffcb948bcc0 RDI: 00007ffcb948bd50\n[ 174.854641][ T9784] RBP: 00007ffcb948cd90 R08: 0000000000000001 R09: 00007ffcb948bb40\n[ 174.854645][ T9784] R10: 00007f6fdf564fc0 R11: 0000000000000206 R12: 0000561e1bc9c2d0\n[ 174.854650][ T9784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 174.854658][ T9784] \u003c/TASK\u003e\n[ 174.854661][ T9784]\n[ 174.879281][ T9784] Allocated by task 9784:\n[ 174.879664][ T9784] kasan_save_stack+0x20/0x40\n[ 174.880082][ T9784] kasan_save_track+0x14/0x30\n[ 174.880500][ T9784] __kasan_kmalloc+0xaa/0xb0\n[ 174.880908][ T9784] __kmalloc_noprof+0x205/0x550\n[ 174.881337][ T9784] __hfs_bnode_create+0x107/0x890\n[ 174.881779][ T9784] hfsplus_bnode_find+0x2d0/0xd10\n[ 174.882222][ T9784] hfsplus_brec_find+0x2b0/0x520\n[ 174.882659][ T9784] hfsplus_delete_all_attrs+0x23b/0x3\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38714",
"url": "https://www.suse.com/security/cve/CVE-2025-38714"
},
{
"category": "external",
"summary": "SUSE Bug 1249260 for CVE-2025-38714",
"url": "https://bugzilla.suse.com/1249260"
},
{
"category": "external",
"summary": "SUSE Bug 1249596 for CVE-2025-38714",
"url": "https://bugzilla.suse.com/1249596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38714"
},
{
"cve": "CVE-2025-38715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfs: fix slab-out-of-bounds in hfs_bnode_read()\n\nThis patch introduces is_bnode_offset_valid() method that checks\nthe requested offset value. Also, it introduces\ncheck_and_correct_requested_length() method that checks and\ncorrect the requested length (if it is necessary). These methods\nare used in hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(),\nhfs_bnode_copy(), and hfs_bnode_move() with the goal to prevent\nthe access out of allocated memory and triggering the crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38715",
"url": "https://www.suse.com/security/cve/CVE-2025-38715"
},
{
"category": "external",
"summary": "SUSE Bug 1249196 for CVE-2025-38715",
"url": "https://bugzilla.suse.com/1249196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38715"
},
{
"cve": "CVE-2025-38721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: fix refcount leak on table dump\n\nThere is a reference count leak in ctnetlink_dump_table():\n if (res \u003c 0) {\n nf_conntrack_get(\u0026ct-\u003ect_general); // HERE\n cb-\u003eargs[1] = (unsigned long)ct;\n ...\n\nWhile its very unlikely, its possible that ct == last.\nIf this happens, then the refcount of ct was already incremented.\nThis 2nd increment is never undone.\n\nThis prevents the conntrack object from being released, which in turn\nkeeps prevents cnet-\u003ecount from dropping back to 0.\n\nThis will then block the netns dismantle (or conntrack rmmod) as\nnf_conntrack_cleanup_net_list() will wait forever.\n\nThis can be reproduced by running conntrack_resize.sh selftest in a loop.\nIt takes ~20 minutes for me on a preemptible kernel on average before\nI see a runaway kworker spinning in nf_conntrack_cleanup_net_list.\n\nOne fix would to change this to:\n if (res \u003c 0) {\n\t\tif (ct != last)\n\t nf_conntrack_get(\u0026ct-\u003ect_general);\n\nBut this reference counting isn\u0027t needed in the first place.\nWe can just store a cookie value instead.\n\nA followup patch will do the same for ctnetlink_exp_dump_table,\nit looks to me as if this has the same problem and like\nctnetlink_dump_table, we only need a \u0027skip hint\u0027, not the actual\nobject so we can apply the same cookie strategy there as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38721",
"url": "https://www.suse.com/security/cve/CVE-2025-38721"
},
{
"category": "external",
"summary": "SUSE Bug 1249176 for CVE-2025-38721",
"url": "https://bugzilla.suse.com/1249176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38721"
},
{
"cve": "CVE-2025-38722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhabanalabs: fix UAF in export_dmabuf()\n\nAs soon as we\u0027d inserted a file reference into descriptor table, another\nthread could close it. That\u0027s fine for the case when all we are doing is\nreturning that descriptor to userland (it\u0027s a race, but it\u0027s a userland\nrace and there\u0027s nothing the kernel can do about it). However, if we\nfollow fd_install() with any kind of access to objects that would be\ndestroyed on close (be it the struct file itself or anything destroyed\nby its -\u003erelease()), we have a UAF.\n\ndma_buf_fd() is a combination of reserving a descriptor and fd_install().\nhabanalabs export_dmabuf() calls it and then proceeds to access the\nobjects destroyed on close. In particular, it grabs an extra reference to\nanother struct file that will be dropped as part of -\u003erelease() for ours;\nthat \"will be\" is actually \"might have already been\".\n\nFix that by reserving descriptor before anything else and do fd_install()\nonly when everything had been set up. As a side benefit, we no longer\nhave the failure exit with file already created, but reference to\nunderlying file (as well as -\u003edmabuf_export_cnt, etc.) not grabbed yet;\nunlike dma_buf_fd(), fd_install() can\u0027t fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38722",
"url": "https://www.suse.com/security/cve/CVE-2025-38722"
},
{
"category": "external",
"summary": "SUSE Bug 1249163 for CVE-2025-38722",
"url": "https://bugzilla.suse.com/1249163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38722"
},
{
"cve": "CVE-2025-38724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()\n\nLei Lu recently reported that nfsd4_setclientid_confirm() did not check\nthe return value from get_client_locked(). a SETCLIENTID_CONFIRM could\nrace with a confirmed client expiring and fail to get a reference. That\ncould later lead to a UAF.\n\nFix this by getting a reference early in the case where there is an\nextant confirmed client. If that fails then treat it as if there were no\nconfirmed client found at all.\n\nIn the case where the unconfirmed client is expiring, just fail and\nreturn the result from get_client_locked().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38724",
"url": "https://www.suse.com/security/cve/CVE-2025-38724"
},
{
"category": "external",
"summary": "SUSE Bug 1249169 for CVE-2025-38724",
"url": "https://bugzilla.suse.com/1249169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38724"
},
{
"cve": "CVE-2025-38725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix_devices: add phy_mask for ax88772 mdio bus\n\nWithout setting phy_mask for ax88772 mdio bus, current driver may create\nat most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f.\nDLink DUB-E100 H/W Ver B1 is such a device. However, only one main phy\ndevice will bind to net phy driver. This is creating issue during system\nsuspend/resume since phy_polling_mode() in phy_state_machine() will\ndirectly deference member of phydev-\u003edrv for non-main phy devices. Then\nNULL pointer dereference issue will occur. Due to only external phy or\ninternal phy is necessary, add phy_mask for ax88772 mdio bus to workarnoud\nthe issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38725",
"url": "https://www.suse.com/security/cve/CVE-2025-38725"
},
{
"category": "external",
"summary": "SUSE Bug 1249170 for CVE-2025-38725",
"url": "https://bugzilla.suse.com/1249170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38725"
},
{
"cve": "CVE-2025-38727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: avoid infinite retry looping in netlink_unicast()\n\nnetlink_attachskb() checks for the socket\u0027s read memory allocation\nconstraints. Firstly, it has:\n\n rmem \u003c READ_ONCE(sk-\u003esk_rcvbuf)\n\nto check if the just increased rmem value fits into the socket\u0027s receive\nbuffer. If not, it proceeds and tries to wait for the memory under:\n\n rmem + skb-\u003etruesize \u003e READ_ONCE(sk-\u003esk_rcvbuf)\n\nThe checks don\u0027t cover the case when skb-\u003etruesize + sk-\u003esk_rmem_alloc is\nequal to sk-\u003esk_rcvbuf. Thus the function neither successfully accepts\nthese conditions, nor manages to reschedule the task - and is called in\nretry loop for indefinite time which is caught as:\n\n rcu: INFO: rcu_sched self-detected stall on CPU\n rcu: 0-....: (25999 ticks this GP) idle=ef2/1/0x4000000000000000 softirq=262269/262269 fqs=6212\n (t=26000 jiffies g=230833 q=259957)\n NMI backtrace for cpu 0\n CPU: 0 PID: 22 Comm: kauditd Not tainted 5.10.240 #68\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc42 04/01/2014\n Call Trace:\n \u003cIRQ\u003e\n dump_stack lib/dump_stack.c:120\n nmi_cpu_backtrace.cold lib/nmi_backtrace.c:105\n nmi_trigger_cpumask_backtrace lib/nmi_backtrace.c:62\n rcu_dump_cpu_stacks kernel/rcu/tree_stall.h:335\n rcu_sched_clock_irq.cold kernel/rcu/tree.c:2590\n update_process_times kernel/time/timer.c:1953\n tick_sched_handle kernel/time/tick-sched.c:227\n tick_sched_timer kernel/time/tick-sched.c:1399\n __hrtimer_run_queues kernel/time/hrtimer.c:1652\n hrtimer_interrupt kernel/time/hrtimer.c:1717\n __sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113\n asm_call_irq_on_stack arch/x86/entry/entry_64.S:808\n \u003c/IRQ\u003e\n\n netlink_attachskb net/netlink/af_netlink.c:1234\n netlink_unicast net/netlink/af_netlink.c:1349\n kauditd_send_queue kernel/audit.c:776\n kauditd_thread kernel/audit.c:897\n kthread kernel/kthread.c:328\n ret_from_fork arch/x86/entry/entry_64.S:304\n\nRestore the original behavior of the check which commit in Fixes\naccidentally missed when restructuring the code.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38727",
"url": "https://www.suse.com/security/cve/CVE-2025-38727"
},
{
"category": "external",
"summary": "SUSE Bug 1249166 for CVE-2025-38727",
"url": "https://bugzilla.suse.com/1249166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38727"
},
{
"cve": "CVE-2025-38729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Validate UAC3 power domain descriptors, too\n\nUAC3 power domain descriptors need to be verified with its variable\nbLength for avoiding the unexpected OOB accesses by malicious\nfirmware, too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38729",
"url": "https://www.suse.com/security/cve/CVE-2025-38729"
},
{
"category": "external",
"summary": "SUSE Bug 1249164 for CVE-2025-38729",
"url": "https://bugzilla.suse.com/1249164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38729"
},
{
"cve": "CVE-2025-38730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: commit partial buffers on retry\n\nRing provided buffers are potentially only valid within the single\nexecution context in which they were acquired. io_uring deals with this\nand invalidates them on retry. But on the networking side, if\nMSG_WAITALL is set, or if the socket is of the streaming type and too\nlittle was processed, then it will hang on to the buffer rather than\nrecycle or commit it. This is problematic for two reasons:\n\n1) If someone unregisters the provided buffer ring before a later retry,\n then the req-\u003ebuf_list will no longer be valid.\n\n2) If multiple sockers are using the same buffer group, then multiple\n receives can consume the same memory. This can cause data corruption\n in the application, as either receive could land in the same\n userspace buffer.\n\nFix this by disallowing partial retries from pinning a provided buffer\nacross multiple executions, if ring provided buffers are used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38730",
"url": "https://www.suse.com/security/cve/CVE-2025-38730"
},
{
"category": "external",
"summary": "SUSE Bug 1249172 for CVE-2025-38730",
"url": "https://bugzilla.suse.com/1249172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38730"
},
{
"cve": "CVE-2025-38732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject: don\u0027t leak dst refcount for loopback packets\n\nrecent patches to add a WARN() when replacing skb dst entry found an\nold bug:\n\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\n[..]\nCall Trace:\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\n ..\n\nThis is because blamed commit forgot about loopback packets.\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\n\nInstead of checking hook just check if the skb already has a route\nattached to it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38732",
"url": "https://www.suse.com/security/cve/CVE-2025-38732"
},
{
"category": "external",
"summary": "SUSE Bug 1249262 for CVE-2025-38732",
"url": "https://bugzilla.suse.com/1249262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38732"
},
{
"cve": "CVE-2025-38734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix UAF on smcsk after smc_listen_out()\n\nBPF CI testing report a UAF issue:\n\n [ 16.446633] BUG: kernel NULL pointer dereference, address: 000000000000003 0\n [ 16.447134] #PF: supervisor read access in kernel mod e\n [ 16.447516] #PF: error_code(0x0000) - not-present pag e\n [ 16.447878] PGD 0 P4D 0\n [ 16.448063] Oops: Oops: 0000 [#1] PREEMPT SMP NOPT I\n [ 16.448409] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Tainted: G OE 6.13.0-rc3-g89e8a75fda73-dirty #4 2\n [ 16.449124] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODUL E\n [ 16.449502] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/201 4\n [ 16.450201] Workqueue: smc_hs_wq smc_listen_wor k\n [ 16.450531] RIP: 0010:smc_listen_work+0xc02/0x159 0\n [ 16.452158] RSP: 0018:ffffb5ab40053d98 EFLAGS: 0001024 6\n [ 16.452526] RAX: 0000000000000001 RBX: 0000000000000002 RCX: 000000000000030 0\n [ 16.452994] RDX: 0000000000000280 RSI: 00003513840053f0 RDI: 000000000000000 0\n [ 16.453492] RBP: ffffa097808e3800 R08: ffffa09782dba1e0 R09: 000000000000000 5\n [ 16.453987] R10: 0000000000000000 R11: 0000000000000000 R12: ffffa0978274640 0\n [ 16.454497] R13: 0000000000000000 R14: 0000000000000000 R15: ffffa09782d4092 0\n [ 16.454996] FS: 0000000000000000(0000) GS:ffffa097bbc00000(0000) knlGS:000000000000000 0\n [ 16.455557] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003 3\n [ 16.455961] CR2: 0000000000000030 CR3: 0000000102788004 CR4: 0000000000770ef 0\n [ 16.456459] PKRU: 5555555 4\n [ 16.456654] Call Trace :\n [ 16.456832] \u003cTASK \u003e\n [ 16.456989] ? __die+0x23/0x7 0\n [ 16.457215] ? page_fault_oops+0x180/0x4c 0\n [ 16.457508] ? __lock_acquire+0x3e6/0x249 0\n [ 16.457801] ? exc_page_fault+0x68/0x20 0\n [ 16.458080] ? asm_exc_page_fault+0x26/0x3 0\n [ 16.458389] ? smc_listen_work+0xc02/0x159 0\n [ 16.458689] ? smc_listen_work+0xc02/0x159 0\n [ 16.458987] ? lock_is_held_type+0x8f/0x10 0\n [ 16.459284] process_one_work+0x1ea/0x6d 0\n [ 16.459570] worker_thread+0x1c3/0x38 0\n [ 16.459839] ? __pfx_worker_thread+0x10/0x1 0\n [ 16.460144] kthread+0xe0/0x11 0\n [ 16.460372] ? __pfx_kthread+0x10/0x1 0\n [ 16.460640] ret_from_fork+0x31/0x5 0\n [ 16.460896] ? __pfx_kthread+0x10/0x1 0\n [ 16.461166] ret_from_fork_asm+0x1a/0x3 0\n [ 16.461453] \u003c/TASK \u003e\n [ 16.461616] Modules linked in: bpf_testmod(OE) [last unloaded: bpf_testmod(OE) ]\n [ 16.462134] CR2: 000000000000003 0\n [ 16.462380] ---[ end trace 0000000000000000 ]---\n [ 16.462710] RIP: 0010:smc_listen_work+0xc02/0x1590\n\nThe direct cause of this issue is that after smc_listen_out_connected(),\nnewclcsock-\u003esk may be NULL since it will releases the smcsk. Therefore,\nif the application closes the socket immediately after accept,\nnewclcsock-\u003esk can be NULL. A possible execution order could be as\nfollows:\n\nsmc_listen_work | userspace\n-----------------------------------------------------------------\nlock_sock(sk) |\nsmc_listen_out_connected() |\n| \\- smc_listen_out |\n| | \\- release_sock |\n | |- sk-\u003esk_data_ready() |\n | fd = accept();\n | close(fd);\n | \\- socket-\u003esk = NULL;\n/* newclcsock-\u003esk is NULL now */\nSMC_STAT_SERV_SUCC_INC(sock_net(newclcsock-\u003esk))\n\nSince smc_listen_out_connected() will not fail, simply swapping the order\nof the code can easily fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38734",
"url": "https://www.suse.com/security/cve/CVE-2025-38734"
},
{
"category": "external",
"summary": "SUSE Bug 1249324 for CVE-2025-38734",
"url": "https://bugzilla.suse.com/1249324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38734"
},
{
"cve": "CVE-2025-38735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: prevent ethtool ops after shutdown\n\nA crash can occur if an ethtool operation is invoked\nafter shutdown() is called.\n\nshutdown() is invoked during system shutdown to stop DMA operations\nwithout performing expensive deallocations. It is discouraged to\nunregister the netdev in this path, so the device may still be visible\nto userspace and kernel helpers.\n\nIn gve, shutdown() tears down most internal data structures. If an\nethtool operation is dispatched after shutdown(), it will dereference\nfreed or NULL pointers, leading to a kernel panic. While graceful\nshutdown normally quiesces userspace before invoking the reboot\nsyscall, forced shutdowns (as observed on GCP VMs) can still trigger\nthis path.\n\nFix by calling netif_device_detach() in shutdown().\nThis marks the device as detached so the ethtool ioctl handler\nwill skip dispatching operations to the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38735",
"url": "https://www.suse.com/security/cve/CVE-2025-38735"
},
{
"category": "external",
"summary": "SUSE Bug 1249288 for CVE-2025-38735",
"url": "https://bugzilla.suse.com/1249288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38735"
},
{
"cve": "CVE-2025-38736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix_devices: Fix PHY address mask in MDIO bus initialization\n\nSyzbot reported shift-out-of-bounds exception on MDIO bus initialization.\n\nThe PHY address should be masked to 5 bits (0-31). Without this\nmask, invalid PHY addresses could be used, potentially causing issues\nwith MDIO bus operations.\n\nFix this by masking the PHY address with 0x1f (31 decimal) to ensure\nit stays within the valid range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38736",
"url": "https://www.suse.com/security/cve/CVE-2025-38736"
},
{
"category": "external",
"summary": "SUSE Bug 1249318 for CVE-2025-38736",
"url": "https://bugzilla.suse.com/1249318"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-38736"
},
{
"cve": "CVE-2025-39675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()\n\nThe function mod_hdcp_hdcp1_create_session() calls the function\nget_first_active_display(), but does not check its return value.\nThe return value is a null pointer if the display list is empty.\nThis will lead to a null pointer dereference.\n\nAdd a null pointer check for get_first_active_display() and return\nMOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.\n\nThis is similar to the commit c3e9826a2202\n(\"drm/amd/display: Add null pointer check for get_first_active_display()\").\n\n(cherry picked from commit 5e43eb3cd731649c4f8b9134f857be62a416c893)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39675",
"url": "https://www.suse.com/security/cve/CVE-2025-39675"
},
{
"category": "external",
"summary": "SUSE Bug 1249263 for CVE-2025-39675",
"url": "https://bugzilla.suse.com/1249263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39675"
},
{
"cve": "CVE-2025-39677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39677"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Fix backlog accounting in qdisc_dequeue_internal\n\nThis issue applies for the following qdiscs: hhf, fq, fq_codel, and\nfq_pie, and occurs in their change handlers when adjusting to the new\nlimit. The problem is the following in the values passed to the\nsubsequent qdisc_tree_reduce_backlog call given a tbf parent:\n\n When the tbf parent runs out of tokens, skbs of these qdiscs will\n be placed in gso_skb. Their peek handlers are qdisc_peek_dequeued,\n which accounts for both qlen and backlog. However, in the case of\n qdisc_dequeue_internal, ONLY qlen is accounted for when pulling\n from gso_skb. This means that these qdiscs are missing a\n qdisc_qstats_backlog_dec when dropping packets to satisfy the\n new limit in their change handlers.\n\n One can observe this issue with the following (with tc patched to\n support a limit of 0):\n\n export TARGET=fq\n tc qdisc del dev lo root\n tc qdisc add dev lo root handle 1: tbf rate 8bit burst 100b latency 1ms\n tc qdisc replace dev lo handle 3: parent 1:1 $TARGET limit 1000\n echo \u0027\u0027; echo \u0027add child\u0027; tc -s -d qdisc show dev lo\n ping -I lo -f -c2 -s32 -W0.001 127.0.0.1 2\u003e\u00261 \u003e/dev/null\n echo \u0027\u0027; echo \u0027after ping\u0027; tc -s -d qdisc show dev lo\n tc qdisc change dev lo handle 3: parent 1:1 $TARGET limit 0\n echo \u0027\u0027; echo \u0027after limit drop\u0027; tc -s -d qdisc show dev lo\n tc qdisc replace dev lo handle 2: parent 1:1 sfq\n echo \u0027\u0027; echo \u0027post graft\u0027; tc -s -d qdisc show dev lo\n\n The second to last show command shows 0 packets but a positive\n number (74) of backlog bytes. The problem becomes clearer in the\n last show command, where qdisc_purge_queue triggers\n qdisc_tree_reduce_backlog with the positive backlog and causes an\n underflow in the tbf parent\u0027s backlog (4096 Mb instead of 0).\n\nTo fix this issue, the codepath for all clients of qdisc_dequeue_internal\nhas been simplified: codel, pie, hhf, fq, fq_pie, and fq_codel.\nqdisc_dequeue_internal handles the backlog adjustments for all cases that\ndo not directly use the dequeue handler.\n\nThe old fq_codel_change limit adjustment loop accumulated the arguments to\nthe subsequent qdisc_tree_reduce_backlog call through the cstats field.\nHowever, this is confusing and error prone as fq_codel_dequeue could also\npotentially mutate this field (which qdisc_dequeue_internal calls in the\nnon gso_skb case), so we have unified the code here with other qdiscs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39677",
"url": "https://www.suse.com/security/cve/CVE-2025-39677"
},
{
"category": "external",
"summary": "SUSE Bug 1249300 for CVE-2025-39677",
"url": "https://bugzilla.suse.com/1249300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39677"
},
{
"cve": "CVE-2025-39678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL\n\nIf metric table address is not allocated, accessing metrics_bin will\nresult in a NULL pointer dereference, so add a check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39678",
"url": "https://www.suse.com/security/cve/CVE-2025-39678"
},
{
"category": "external",
"summary": "SUSE Bug 1249290 for CVE-2025-39678",
"url": "https://bugzilla.suse.com/1249290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39678"
},
{
"cve": "CVE-2025-39679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().\n\nWhen the nvif_vmm_type is invalid, we will return error directly\nwithout freeing the args in nvif_vmm_ctor(), which leading a memory\nleak. Fix it by setting the ret -EINVAL and goto done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39679",
"url": "https://www.suse.com/security/cve/CVE-2025-39679"
},
{
"category": "external",
"summary": "SUSE Bug 1249338 for CVE-2025-39679",
"url": "https://bugzilla.suse.com/1249338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39679"
},
{
"cve": "CVE-2025-39681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper\n\nSince\n\n 923f3a2b48bd (\"x86/resctrl: Query LLC monitoring properties once during boot\")\n\nresctrl_cpu_detect() has been moved from common CPU initialization code to\nthe vendor-specific BSP init helper, while Hygon didn\u0027t put that call in their\ncode.\n\nThis triggers a division by zero fault during early booting stage on our\nmachines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries\nto calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale.\n\nAdd the missing resctrl_cpu_detect() in the Hygon BSP init helper.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39681",
"url": "https://www.suse.com/security/cve/CVE-2025-39681"
},
{
"category": "external",
"summary": "SUSE Bug 1249303 for CVE-2025-39681",
"url": "https://bugzilla.suse.com/1249303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39681"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-39684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()\n\nsyzbot reports a KMSAN kernel-infoleak in `do_insn_ioctl()`. A kernel\nbuffer is allocated to hold `insn-\u003en` samples (each of which is an\n`unsigned int`). For some instruction types, `insn-\u003en` samples are\ncopied back to user-space, unless an error code is being returned. The\nproblem is that not all the instruction handlers that need to return\ndata to userspace fill in the whole `insn-\u003en` samples, so that there is\nan information leak. There is a similar syzbot report for\n`do_insnlist_ioctl()`, although it does not have a reproducer for it at\nthe time of writing.\n\nOne culprit is `insn_rw_emulate_bits()` which is used as the handler for\n`INSN_READ` or `INSN_WRITE` instructions for subdevices that do not have\na specific handler for that instruction, but do have an `INSN_BITS`\nhandler. For `INSN_READ` it only fills in at most 1 sample, so if\n`insn-\u003en` is greater than 1, the remaining `insn-\u003en - 1` samples copied\nto userspace will be uninitialized kernel data.\n\nAnother culprit is `vm80xx_ai_insn_read()` in the \"vm80xx\" driver. It\nnever returns an error, even if it fails to fill the buffer.\n\nFix it in `do_insn_ioctl()` and `do_insnlist_ioctl()` by making sure\nthat uninitialized parts of the allocated buffer are zeroed before\nhandling each instruction.\n\nThanks to Arnaud Lecomte for their fix to `do_insn_ioctl()`. That fix\nreplaced the call to `kmalloc_array()` with `kcalloc()`, but it is not\nalways necessary to clear the whole buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39684",
"url": "https://www.suse.com/security/cve/CVE-2025-39684"
},
{
"category": "external",
"summary": "SUSE Bug 1249281 for CVE-2025-39684",
"url": "https://bugzilla.suse.com/1249281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39684"
},
{
"cve": "CVE-2025-39685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39685"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl726: Prevent invalid irq number\n\nThe reproducer passed in an irq number(0x80008000) that was too large,\nwhich triggered the oob.\n\nAdded an interrupt number check to prevent users from passing in an irq\nnumber that was too large.\n\nIf `it-\u003eoptions[1]` is 31, then `1 \u003c\u003c it-\u003eoptions[1]` is still invalid\nbecause it shifts a 1-bit into the sign bit (which is UB in C).\nPossible solutions include reducing the upper bound on the\n`it-\u003eoptions[1]` value to 30 or lower, or using `1U \u003c\u003c it-\u003eoptions[1]`.\n\nThe old code would just not attempt to request the IRQ if the\n`options[1]` value were invalid. And it would still configure the\ndevice without interrupts even if the call to `request_irq` returned an\nerror. So it would be better to combine this test with the test below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39685",
"url": "https://www.suse.com/security/cve/CVE-2025-39685"
},
{
"category": "external",
"summary": "SUSE Bug 1249282 for CVE-2025-39685",
"url": "https://bugzilla.suse.com/1249282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39685"
},
{
"cve": "CVE-2025-39686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Make insn_rw_emulate_bits() do insn-\u003en samples\n\nThe `insn_rw_emulate_bits()` function is used as a default handler for\n`INSN_READ` instructions for subdevices that have a handler for\n`INSN_BITS` but not for `INSN_READ`. Similarly, it is used as a default\nhandler for `INSN_WRITE` instructions for subdevices that have a handler\nfor `INSN_BITS` but not for `INSN_WRITE`. It works by emulating the\n`INSN_READ` or `INSN_WRITE` instruction handling with a constructed\n`INSN_BITS` instruction. However, `INSN_READ` and `INSN_WRITE`\ninstructions are supposed to be able read or write multiple samples,\nindicated by the `insn-\u003en` value, but `insn_rw_emulate_bits()` currently\nonly handles a single sample. For `INSN_READ`, the comedi core will\ncopy `insn-\u003en` samples back to user-space. (That triggered KASAN\nkernel-infoleak errors when `insn-\u003en` was greater than 1, but that is\nbeing fixed more generally elsewhere in the comedi core.)\n\nMake `insn_rw_emulate_bits()` either handle `insn-\u003en` samples, or return\nan error, to conform to the general expectation for `INSN_READ` and\n`INSN_WRITE` handlers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39686",
"url": "https://www.suse.com/security/cve/CVE-2025-39686"
},
{
"category": "external",
"summary": "SUSE Bug 1249312 for CVE-2025-39686",
"url": "https://bugzilla.suse.com/1249312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39686"
},
{
"cve": "CVE-2025-39691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/buffer: fix use-after-free when call bh_read() helper\n\nThere\u0027s issue as follows:\nBUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110\nRead of size 8 at addr ffffc9000168f7f8 by task swapper/3/0\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.16.0-862.14.0.6.x86_64\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x2c/0x390\n print_report+0xb4/0x270\n kasan_report+0xb8/0xf0\n end_buffer_read_sync+0xe3/0x110\n end_bio_bh_io_sync+0x56/0x80\n blk_update_request+0x30a/0x720\n scsi_end_request+0x51/0x2b0\n scsi_io_completion+0xe3/0x480\n ? scsi_device_unbusy+0x11e/0x160\n blk_complete_reqs+0x7b/0x90\n handle_softirqs+0xef/0x370\n irq_exit_rcu+0xa5/0xd0\n sysvec_apic_timer_interrupt+0x6e/0x90\n \u003c/IRQ\u003e\n\n Above issue happens when do ntfs3 filesystem mount, issue may happens\n as follows:\n mount IRQ\nntfs_fill_super\n read_cache_page\n do_read_cache_folio\n filemap_read_folio\n mpage_read_folio\n\t do_mpage_readpage\n\t ntfs_get_block_vbo\n\t bh_read\n\t submit_bh\n\t wait_on_buffer(bh);\n\t blk_complete_reqs\n\t\t\t\t scsi_io_completion\n\t\t\t\t scsi_end_request\n\t\t\t\t blk_update_request\n\t\t\t\t end_bio_bh_io_sync\n\t\t\t\t\t end_buffer_read_sync\n\t\t\t\t\t __end_buffer_read_notouch\n\t\t\t\t\t unlock_buffer\n\n wait_on_buffer(bh);--\u003e return will return to caller\n\n\t\t\t\t\t put_bh\n\t\t\t\t\t --\u003e trigger stack-out-of-bounds\nIn the mpage_read_folio() function, the stack variable \u0027map_bh\u0027 is\npassed to ntfs_get_block_vbo(). Once unlock_buffer() unlocks and\nwait_on_buffer() returns to continue processing, the stack variable\nis likely to be reclaimed. Consequently, during the end_buffer_read_sync()\nprocess, calling put_bh() may result in stack overrun.\n\nIf the bh is not allocated on the stack, it belongs to a folio. Freeing\na buffer head which belongs to a folio is done by drop_buffers() which\nwill fail to free buffers which are still locked. So it is safe to call\nput_bh() before __end_buffer_read_notouch().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39691",
"url": "https://www.suse.com/security/cve/CVE-2025-39691"
},
{
"category": "external",
"summary": "SUSE Bug 1249374 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "external",
"summary": "SUSE Bug 1249392 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39691"
},
{
"cve": "CVE-2025-39693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid a NULL pointer dereference\n\n[WHY]\nAlthough unlikely drm_atomic_get_new_connector_state() or\ndrm_atomic_get_old_connector_state() can return NULL.\n\n[HOW]\nCheck returns before dereference.\n\n(cherry picked from commit 1e5e8d672fec9f2ab352be121be971877bff2af9)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39693",
"url": "https://www.suse.com/security/cve/CVE-2025-39693"
},
{
"category": "external",
"summary": "SUSE Bug 1249279 for CVE-2025-39693",
"url": "https://bugzilla.suse.com/1249279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39693"
},
{
"cve": "CVE-2025-39694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39694"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Fix SCCB present check\n\nTracing code called by the SCLP interrupt handler contains early exits\nif the SCCB address associated with an interrupt is NULL. This check is\nperformed after physical to virtual address translation.\n\nIf the kernel identity mapping does not start at address zero, the\nresulting virtual address is never zero, so that the NULL checks won\u0027t\nwork. Subsequently this may result in incorrect accesses to the first\npage of the identity mapping.\n\nFix this by introducing a function that handles the NULL case before\naddress translation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39694",
"url": "https://www.suse.com/security/cve/CVE-2025-39694"
},
{
"category": "external",
"summary": "SUSE Bug 1249299 for CVE-2025-39694",
"url": "https://bugzilla.suse.com/1249299"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39694"
},
{
"cve": "CVE-2025-39701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: pfr_update: Fix the driver update version check\n\nThe security-version-number check should be used rather\nthan the runtime version check for driver updates.\n\nOtherwise, the firmware update would fail when the update binary had\na lower runtime version number than the current one.\n\n[ rjw: Changelog edits ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39701",
"url": "https://www.suse.com/security/cve/CVE-2025-39701"
},
{
"category": "external",
"summary": "SUSE Bug 1249308 for CVE-2025-39701",
"url": "https://bugzilla.suse.com/1249308"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39701"
},
{
"cve": "CVE-2025-39703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet, hsr: reject HSR frame if skb can\u0027t hold tag\n\nReceiving HSR frame with insufficient space to hold HSR tag in the skb\ncan result in a crash (kernel BUG):\n\n[ 45.390915] skbuff: skb_under_panic: text:ffffffff86f32cac len:26 put:14 head:ffff888042418000 data:ffff888042417ff4 tail:0xe end:0x180 dev:bridge_slave_1\n[ 45.392559] ------------[ cut here ]------------\n[ 45.392912] kernel BUG at net/core/skbuff.c:211!\n[ 45.393276] Oops: invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 45.393809] CPU: 1 UID: 0 PID: 2496 Comm: reproducer Not tainted 6.15.0 #12 PREEMPT(undef)\n[ 45.394433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 45.395273] RIP: 0010:skb_panic+0x15b/0x1d0\n\n\u003csnip registers, remove unreliable trace\u003e\n\n[ 45.402911] Call Trace:\n[ 45.403105] \u003cIRQ\u003e\n[ 45.404470] skb_push+0xcd/0xf0\n[ 45.404726] br_dev_queue_push_xmit+0x7c/0x6c0\n[ 45.406513] br_forward_finish+0x128/0x260\n[ 45.408483] __br_forward+0x42d/0x590\n[ 45.409464] maybe_deliver+0x2eb/0x420\n[ 45.409763] br_flood+0x174/0x4a0\n[ 45.410030] br_handle_frame_finish+0xc7c/0x1bc0\n[ 45.411618] br_handle_frame+0xac3/0x1230\n[ 45.413674] __netif_receive_skb_core.constprop.0+0x808/0x3df0\n[ 45.422966] __netif_receive_skb_one_core+0xb4/0x1f0\n[ 45.424478] __netif_receive_skb+0x22/0x170\n[ 45.424806] process_backlog+0x242/0x6d0\n[ 45.425116] __napi_poll+0xbb/0x630\n[ 45.425394] net_rx_action+0x4d1/0xcc0\n[ 45.427613] handle_softirqs+0x1a4/0x580\n[ 45.427926] do_softirq+0x74/0x90\n[ 45.428196] \u003c/IRQ\u003e\n\nThis issue was found by syzkaller.\n\nThe panic happens in br_dev_queue_push_xmit() once it receives a\ncorrupted skb with ETH header already pushed in linear data. When it\nattempts the skb_push() call, there\u0027s not enough headroom and\nskb_push() panics.\n\nThe corrupted skb is put on the queue by HSR layer, which makes a\nsequence of unintended transformations when it receives a specific\ncorrupted HSR frame (with incomplete TAG).\n\nFix it by dropping and consuming frames that are not long enough to\ncontain both ethernet and hsr headers.\n\nAlternative fix would be to check for enough headroom before skb_push()\nin br_dev_queue_push_xmit().\n\nIn the reproducer, this is injected via AF_PACKET, but I don\u0027t easily\nsee why it couldn\u0027t be sent over the wire from adjacent network.\n\nFurther Details:\n\nIn the reproducer, the following network interface chain is set up:\n\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth0_to_hsr \u251c\u2500\u2500\u2500\u2524 hsr_slave0 \u253c\u2500\u2500\u2500\u2510\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2510\n \u251c\u2500\u2524 hsr0 \u251c\u2500\u2500\u2500\u2510\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 | | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth1_to_hsr \u253c\u2500\u2500\u2500\u2524 hsr_slave1 \u251c\u2500\u2500\u2500\u2518 \u2524 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u253c bridge |\n || |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 |\n | ... \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\nTo trigger the events leading up to crash, reproducer sends a corrupted\nHSR fr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39703",
"url": "https://www.suse.com/security/cve/CVE-2025-39703"
},
{
"category": "external",
"summary": "SUSE Bug 1249315 for CVE-2025-39703",
"url": "https://bugzilla.suse.com/1249315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39703"
},
{
"cve": "CVE-2025-39705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a Null pointer dereference vulnerability\n\n[Why]\nA null pointer dereference vulnerability exists in the AMD display driver\u0027s\n(DC module) cleanup function dc_destruct().\nWhen display control context (dc-\u003ectx) construction fails\n(due to memory allocation failure), this pointer remains NULL.\nDuring subsequent error handling when dc_destruct() is called,\nthere\u0027s no NULL check before dereferencing the perf_trace member\n(dc-\u003ectx-\u003eperf_trace), causing a kernel null pointer dereference crash.\n\n[How]\nCheck if dc-\u003ectx is non-NULL before dereferencing.\n\n(Updated commit text and removed unnecessary error message)\n(cherry picked from commit 9dd8e2ba268c636c240a918e0a31e6feaee19404)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39705",
"url": "https://www.suse.com/security/cve/CVE-2025-39705"
},
{
"category": "external",
"summary": "SUSE Bug 1249295 for CVE-2025-39705",
"url": "https://bugzilla.suse.com/1249295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39705"
},
{
"cve": "CVE-2025-39706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Destroy KFD debugfs after destroy KFD wq\n\nSince KFD proc content was moved to kernel debugfs, we can\u0027t destroy KFD\ndebugfs before kfd_process_destroy_wq. Move kfd_process_destroy_wq prior\nto kfd_debugfs_fini to fix a kernel NULL pointer problem. It happens\nwhen /sys/kernel/debug/kfd was already destroyed in kfd_debugfs_fini but\nkfd_process_destroy_wq calls kfd_debugfs_remove_process. This line\n debugfs_remove_recursive(entry-\u003eproc_dentry);\ntries to remove /sys/kernel/debug/kfd/proc/\u003cpid\u003e while\n/sys/kernel/debug/kfd is already gone. It hangs the kernel by kernel\nNULL pointer.\n\n(cherry picked from commit 0333052d90683d88531558dcfdbf2525cc37c233)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39706",
"url": "https://www.suse.com/security/cve/CVE-2025-39706"
},
{
"category": "external",
"summary": "SUSE Bug 1249413 for CVE-2025-39706",
"url": "https://bugzilla.suse.com/1249413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39706"
},
{
"cve": "CVE-2025-39709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39709"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: protect against spurious interrupts during probe\n\nMake sure the interrupt handler is initialized before the interrupt is\nregistered.\n\nIf the IRQ is registered before hfi_create(), it\u0027s possible that an\ninterrupt fires before the handler setup is complete, leading to a NULL\ndereference.\n\nThis error condition has been observed during system boot on Rb3Gen2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39709",
"url": "https://www.suse.com/security/cve/CVE-2025-39709"
},
{
"category": "external",
"summary": "SUSE Bug 1249278 for CVE-2025-39709",
"url": "https://bugzilla.suse.com/1249278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39709"
},
{
"cve": "CVE-2025-39710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: Add a check for packet size after reading from shared memory\n\nAdd a check to ensure that the packet size does not exceed the number of\navailable words after reading the packet header from shared memory. This\nensures that the size provided by the firmware is safe to process and\nprevent potential out-of-bounds memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39710",
"url": "https://www.suse.com/security/cve/CVE-2025-39710"
},
{
"category": "external",
"summary": "SUSE Bug 1249304 for CVE-2025-39710",
"url": "https://bugzilla.suse.com/1249304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39710"
},
{
"cve": "CVE-2025-39713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()\n\nIn the interrupt handler rain_interrupt(), the buffer full check on\nrain-\u003ebuf_len is performed before acquiring rain-\u003ebuf_lock. This\ncreates a Time-of-Check to Time-of-Use (TOCTOU) race condition, as\nrain-\u003ebuf_len is concurrently accessed and modified in the work\nhandler rain_irq_work_handler() under the same lock.\n\nMultiple interrupt invocations can race, with each reading buf_len\nbefore it becomes full and then proceeding. This can lead to both\ninterrupts attempting to write to the buffer, incrementing buf_len\nbeyond its capacity (DATA_SIZE) and causing a buffer overflow.\n\nFix this bug by moving the spin_lock() to before the buffer full\ncheck. This ensures that the check and the subsequent buffer modification\nare performed atomically, preventing the race condition. An corresponding\nspin_unlock() is added to the overflow path to correctly release the\nlock.\n\nThis possible bug was found by an experimental static analysis tool\ndeveloped by our team.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39713",
"url": "https://www.suse.com/security/cve/CVE-2025-39713"
},
{
"category": "external",
"summary": "SUSE Bug 1249321 for CVE-2025-39713",
"url": "https://bugzilla.suse.com/1249321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39713"
},
{
"cve": "CVE-2025-39714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usbtv: Lock resolution while streaming\n\nWhen an program is streaming (ffplay) and another program (qv4l2)\nchanges the TV standard from NTSC to PAL, the kernel crashes due to trying\nto copy to unmapped memory.\n\nChanging from NTSC to PAL increases the resolution in the usbtv struct,\nbut the video plane buffer isn\u0027t adjusted, so it overflows.\n\n[hverkuil: call vb2_is_busy instead of vb2_is_streaming]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39714",
"url": "https://www.suse.com/security/cve/CVE-2025-39714"
},
{
"category": "external",
"summary": "SUSE Bug 1249273 for CVE-2025-39714",
"url": "https://bugzilla.suse.com/1249273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39714"
},
{
"cve": "CVE-2025-39718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Validate length in packet header before skb_put()\n\nWhen receiving a vsock packet in the guest, only the virtqueue buffer\nsize is validated prior to virtio_vsock_skb_rx_put(). Unfortunately,\nvirtio_vsock_skb_rx_put() uses the length from the packet header as the\nlength argument to skb_put(), potentially resulting in SKB overflow if\nthe host has gone wonky.\n\nValidate the length as advertised by the packet header before calling\nvirtio_vsock_skb_rx_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39718",
"url": "https://www.suse.com/security/cve/CVE-2025-39718"
},
{
"category": "external",
"summary": "SUSE Bug 1249305 for CVE-2025-39718",
"url": "https://bugzilla.suse.com/1249305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39718"
},
{
"cve": "CVE-2025-39719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: bno055: fix OOB access of hw_xlate array\n\nFix a potential out-of-bounds array access of the hw_xlate array in\nbno055.c.\n\nIn bno055_get_regmask(), hw_xlate was iterated over the length of the\nvals array instead of the length of the hw_xlate array. In the case of\nbno055_gyr_scale, the vals array is larger than the hw_xlate array,\nso this could result in an out-of-bounds access. In practice, this\nshouldn\u0027t happen though because a match should always be found which\nbreaks out of the for loop before it iterates beyond the end of the\nhw_xlate array.\n\nBy adding a new hw_xlate_len field to the bno055_sysfs_attr, we can be\nsure we are iterating over the correct length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39719",
"url": "https://www.suse.com/security/cve/CVE-2025-39719"
},
{
"category": "external",
"summary": "SUSE Bug 1249271 for CVE-2025-39719",
"url": "https://bugzilla.suse.com/1249271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39719"
},
{
"cve": "CVE-2025-39721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - flush misc workqueue during device shutdown\n\nRepeated loading and unloading of a device specific QAT driver, for\nexample qat_4xxx, in a tight loop can lead to a crash due to a\nuse-after-free scenario. This occurs when a power management (PM)\ninterrupt triggers just before the device-specific driver (e.g.,\nqat_4xxx.ko) is unloaded, while the core driver (intel_qat.ko) remains\nloaded.\n\nSince the driver uses a shared workqueue (`qat_misc_wq`) across all\ndevices and owned by intel_qat.ko, a deferred routine from the\ndevice-specific driver may still be pending in the queue. If this\nroutine executes after the driver is unloaded, it can dereference freed\nmemory, resulting in a page fault and kernel crash like the following:\n\n BUG: unable to handle page fault for address: ffa000002e50a01c\n #PF: supervisor read access in kernel mode\n RIP: 0010:pm_bh_handler+0x1d2/0x250 [intel_qat]\n Call Trace:\n pm_bh_handler+0x1d2/0x250 [intel_qat]\n process_one_work+0x171/0x340\n worker_thread+0x277/0x3a0\n kthread+0xf0/0x120\n ret_from_fork+0x2d/0x50\n\nTo prevent this, flush the misc workqueue during device shutdown to\nensure that all pending work items are completed before the driver is\nunloaded.\n\nNote: This approach may slightly increase shutdown latency if the\nworkqueue contains jobs from other devices, but it ensures correctness\nand stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39721",
"url": "https://www.suse.com/security/cve/CVE-2025-39721"
},
{
"category": "external",
"summary": "SUSE Bug 1249323 for CVE-2025-39721",
"url": "https://bugzilla.suse.com/1249323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39721"
},
{
"cve": "CVE-2025-39724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: 8250: fix panic due to PSLVERR\n\nWhen the PSLVERR_RESP_EN parameter is set to 1, the device generates\nan error response if an attempt is made to read an empty RBR (Receive\nBuffer Register) while the FIFO is enabled.\n\nIn serial8250_do_startup(), calling serial_port_out(port, UART_LCR,\nUART_LCR_WLEN8) triggers dw8250_check_lcr(), which invokes\ndw8250_force_idle() and serial8250_clear_and_reinit_fifos(). The latter\nfunction enables the FIFO via serial_out(p, UART_FCR, p-\u003efcr).\nExecution proceeds to the serial_port_in(port, UART_RX).\nThis satisfies the PSLVERR trigger condition.\n\nWhen another CPU (e.g., using printk()) is accessing the UART (UART\nis busy), the current CPU fails the check (value \u0026 ~UART_LCR_SPAR) ==\n(lcr \u0026 ~UART_LCR_SPAR) in dw8250_check_lcr(), causing it to enter\ndw8250_force_idle().\n\nPut serial_port_out(port, UART_LCR, UART_LCR_WLEN8) under the port-\u003elock\nto fix this issue.\n\nPanic backtrace:\n[ 0.442336] Oops - unknown exception [#1]\n[ 0.442343] epc : dw8250_serial_in32+0x1e/0x4a\n[ 0.442351] ra : serial8250_do_startup+0x2c8/0x88e\n...\n[ 0.442416] console_on_rootfs+0x26/0x70",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39724",
"url": "https://www.suse.com/security/cve/CVE-2025-39724"
},
{
"category": "external",
"summary": "SUSE Bug 1249265 for CVE-2025-39724",
"url": "https://bugzilla.suse.com/1249265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39724"
},
{
"cve": "CVE-2025-39726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: fix concurrency management in ism_cmd()\n\nThe s390x ISM device data sheet clearly states that only one\nrequest-response sequence is allowable per ISM function at any point in\ntime. Unfortunately as of today the s390/ism driver in Linux does not\nhonor that requirement. This patch aims to rectify that.\n\nThis problem was discovered based on Aliaksei\u0027s bug report which states\nthat for certain workloads the ISM functions end up entering error state\n(with PEC 2 as seen from the logs) after a while and as a consequence\nconnections handled by the respective function break, and for future\nconnection requests the ISM device is not considered -- given it is in a\ndysfunctional state. During further debugging PEC 3A was observed as\nwell.\n\nA kernel message like\n[ 1211.244319] zpci: 061a:00:00.0: Event 0x2 reports an error for PCI function 0x61a\nis a reliable indicator of the stated function entering error state\nwith PEC 2. Let me also point out that a kernel message like\n[ 1211.244325] zpci: 061a:00:00.0: The ism driver bound to the device does not support error recovery\nis a reliable indicator that the ISM function won\u0027t be auto-recovered\nbecause the ISM driver currently lacks support for it.\n\nOn a technical level, without this synchronization, commands (inputs to\nthe FW) may be partially or fully overwritten (corrupted) by another CPU\ntrying to issue commands on the same function. There is hard evidence that\nthis can lead to DMB token values being used as DMB IOVAs, leading to\nPEC 2 PCI events indicating invalid DMA. But this is only one of the\nfailure modes imaginable. In theory even completely losing one command\nand executing another one twice and then trying to interpret the outputs\nas if the command we intended to execute was actually executed and not\nthe other one is also possible. Frankly, I don\u0027t feel confident about\nproviding an exhaustive list of possible consequences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39726",
"url": "https://www.suse.com/security/cve/CVE-2025-39726"
},
{
"category": "external",
"summary": "SUSE Bug 1249266 for CVE-2025-39726",
"url": "https://bugzilla.suse.com/1249266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39726"
},
{
"cve": "CVE-2025-39730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix filehandle bounds checking in nfs_fh_to_dentry()\n\nThe function needs to check the minimal filehandle length before it can\naccess the embedded filehandle.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39730",
"url": "https://www.suse.com/security/cve/CVE-2025-39730"
},
{
"category": "external",
"summary": "SUSE Bug 1249296 for CVE-2025-39730",
"url": "https://bugzilla.suse.com/1249296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39730"
},
{
"cve": "CVE-2025-39732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()\n\nath11k_mac_disable_peer_fixed_rate() is passed as the iterator to\nieee80211_iterate_stations_atomic(). Note in this case the iterator is\nrequired to be atomic, however ath11k_mac_disable_peer_fixed_rate() does\nnot follow it as it might sleep. Consequently below warning is seen:\n\nBUG: sleeping function called from invalid context at wmi.c:304\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl\n __might_resched.cold\n ath11k_wmi_cmd_send\n ath11k_wmi_set_peer_param\n ath11k_mac_disable_peer_fixed_rate\n ieee80211_iterate_stations_atomic\n ath11k_mac_op_set_bitrate_mask.cold\n\nChange to ieee80211_iterate_stations_mtx() to fix this issue.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39732",
"url": "https://www.suse.com/security/cve/CVE-2025-39732"
},
{
"category": "external",
"summary": "SUSE Bug 1249292 for CVE-2025-39732",
"url": "https://bugzilla.suse.com/1249292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39732"
},
{
"cve": "CVE-2025-39738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not allow relocation of partially dropped subvolumes\n\n[BUG]\nThere is an internal report that balance triggered transaction abort,\nwith the following call trace:\n\n item 85 key (594509824 169 0) itemoff 12599 itemsize 33\n extent refs 1 gen 197740 flags 2\n ref#0: tree block backref root 7\n item 86 key (594558976 169 0) itemoff 12566 itemsize 33\n extent refs 1 gen 197522 flags 2\n ref#0: tree block backref root 7\n ...\n BTRFS error (device loop0): extent item not found for insert, bytenr 594526208 num_bytes 16384 parent 449921024 root_objectid 934 owner 1 offset 0\n BTRFS error (device loop0): failed to run delayed ref for logical 594526208 num_bytes 16384 type 182 action 1 ref_mod 1: -117\n ------------[ cut here ]------------\n BTRFS: Transaction aborted (error -117)\n WARNING: CPU: 1 PID: 6963 at ../fs/btrfs/extent-tree.c:2168 btrfs_run_delayed_refs+0xfa/0x110 [btrfs]\n\nAnd btrfs check doesn\u0027t report anything wrong related to the extent\ntree.\n\n[CAUSE]\nThe cause is a little complex, firstly the extent tree indeed doesn\u0027t\nhave the backref for 594526208.\n\nThe extent tree only have the following two backrefs around that bytenr\non-disk:\n\n item 65 key (594509824 METADATA_ITEM 0) itemoff 13880 itemsize 33\n refs 1 gen 197740 flags TREE_BLOCK\n tree block skinny level 0\n (176 0x7) tree block backref root CSUM_TREE\n item 66 key (594558976 METADATA_ITEM 0) itemoff 13847 itemsize 33\n refs 1 gen 197522 flags TREE_BLOCK\n tree block skinny level 0\n (176 0x7) tree block backref root CSUM_TREE\n\nBut the such missing backref item is not an corruption on disk, as the\noffending delayed ref belongs to subvolume 934, and that subvolume is\nbeing dropped:\n\n item 0 key (934 ROOT_ITEM 198229) itemoff 15844 itemsize 439\n generation 198229 root_dirid 256 bytenr 10741039104 byte_limit 0 bytes_used 345571328\n last_snapshot 198229 flags 0x1000000000001(RDONLY) refs 0\n drop_progress key (206324 EXTENT_DATA 2711650304) drop_level 2\n level 2 generation_v2 198229\n\nAnd that offending tree block 594526208 is inside the dropped range of\nthat subvolume. That explains why there is no backref item for that\nbytenr and why btrfs check is not reporting anything wrong.\n\nBut this also shows another problem, as btrfs will do all the orphan\nsubvolume cleanup at a read-write mount.\n\nSo half-dropped subvolume should not exist after an RW mount, and\nbalance itself is also exclusive to subvolume cleanup, meaning we\nshouldn\u0027t hit a subvolume half-dropped during relocation.\n\nThe root cause is, there is no orphan item for this subvolume.\nIn fact there are 5 subvolumes from around 2021 that have the same\nproblem.\n\nIt looks like the original report has some older kernels running, and\ncaused those zombie subvolumes.\n\nThankfully upstream commit 8d488a8c7ba2 (\"btrfs: fix subvolume/snapshot\ndeletion not triggered on mount\") has long fixed the bug.\n\n[ENHANCEMENT]\nFor repairing such old fs, btrfs-progs will be enhanced.\n\nConsidering how delayed the problem will show up (at run delayed ref\ntime) and at that time we have to abort transaction already, it is too\nlate.\n\nInstead here we reject any half-dropped subvolume for reloc tree at the\nearliest time, preventing confusion and extra time wasted on debugging\nsimilar bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39738",
"url": "https://www.suse.com/security/cve/CVE-2025-39738"
},
{
"category": "external",
"summary": "SUSE Bug 1249540 for CVE-2025-39738",
"url": "https://bugzilla.suse.com/1249540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39738"
},
{
"cve": "CVE-2025-39739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu-qcom: Add SM6115 MDSS compatible\n\nAdd the SM6115 MDSS compatible to clients compatible list, as it also\nneeds that workaround.\nWithout this workaround, for example, QRB4210 RB2 which is based on\nSM4250/SM6115 generates a lot of smmu unhandled context faults during\nboot:\n\narm_smmu_context_fault: 116854 callbacks suppressed\narm-smmu c600000.iommu: Unhandled context fault: fsr=0x402,\niova=0x5c0ec600, fsynr=0x320021, cbfrsynra=0x420, cb=5\narm-smmu c600000.iommu: FSR = 00000402 [Format=2 TF], SID=0x420\narm-smmu c600000.iommu: FSYNR0 = 00320021 [S1CBNDX=50 PNU PLVL=1]\narm-smmu c600000.iommu: Unhandled context fault: fsr=0x402,\niova=0x5c0d7800, fsynr=0x320021, cbfrsynra=0x420, cb=5\narm-smmu c600000.iommu: FSR = 00000402 [Format=2 TF], SID=0x420\n\nand also failed initialisation of lontium lt9611uxc, gpu and dpu is\nobserved:\n(binding MDSS components triggered by lt9611uxc have failed)\n\n ------------[ cut here ]------------\n !aspace\n WARNING: CPU: 6 PID: 324 at drivers/gpu/drm/msm/msm_gem_vma.c:130 msm_gem_vma_init+0x150/0x18c [msm]\n Modules linked in: ... (long list of modules)\n CPU: 6 UID: 0 PID: 324 Comm: (udev-worker) Not tainted 6.15.0-03037-gaacc73ceeb8b #4 PREEMPT\n Hardware name: Qualcomm Technologies, Inc. QRB4210 RB2 (DT)\n pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : msm_gem_vma_init+0x150/0x18c [msm]\n lr : msm_gem_vma_init+0x150/0x18c [msm]\n sp : ffff80008144b280\n \t\t...\n Call trace:\n msm_gem_vma_init+0x150/0x18c [msm] (P)\n get_vma_locked+0xc0/0x194 [msm]\n msm_gem_get_and_pin_iova_range+0x4c/0xdc [msm]\n msm_gem_kernel_new+0x48/0x160 [msm]\n msm_gpu_init+0x34c/0x53c [msm]\n adreno_gpu_init+0x1b0/0x2d8 [msm]\n a6xx_gpu_init+0x1e8/0x9e0 [msm]\n adreno_bind+0x2b8/0x348 [msm]\n component_bind_all+0x100/0x230\n msm_drm_bind+0x13c/0x3d0 [msm]\n try_to_bring_up_aggregate_device+0x164/0x1d0\n __component_add+0xa4/0x174\n component_add+0x14/0x20\n dsi_dev_attach+0x20/0x34 [msm]\n dsi_host_attach+0x58/0x98 [msm]\n devm_mipi_dsi_attach+0x34/0x90\n lt9611uxc_attach_dsi.isra.0+0x94/0x124 [lontium_lt9611uxc]\n lt9611uxc_probe+0x540/0x5fc [lontium_lt9611uxc]\n i2c_device_probe+0x148/0x2a8\n really_probe+0xbc/0x2c0\n __driver_probe_device+0x78/0x120\n driver_probe_device+0x3c/0x154\n __driver_attach+0x90/0x1a0\n bus_for_each_dev+0x68/0xb8\n driver_attach+0x24/0x30\n bus_add_driver+0xe4/0x208\n driver_register+0x68/0x124\n i2c_register_driver+0x48/0xcc\n lt9611uxc_driver_init+0x20/0x1000 [lontium_lt9611uxc]\n do_one_initcall+0x60/0x1d4\n do_init_module+0x54/0x1fc\n load_module+0x1748/0x1c8c\n init_module_from_file+0x74/0xa0\n __arm64_sys_finit_module+0x130/0x2f8\n invoke_syscall+0x48/0x104\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x2c/0x80\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n ---[ end trace 0000000000000000 ]---\n msm_dpu 5e01000.display-controller: [drm:msm_gpu_init [msm]] *ERROR* could not allocate memptrs: -22\n msm_dpu 5e01000.display-controller: failed to load adreno gpu\n platform a400000.remoteproc:glink-edge:apr:service@7:dais: Adding to iommu group 19\n msm_dpu 5e01000.display-controller: failed to bind 5900000.gpu (ops a3xx_ops [msm]): -22\n msm_dpu 5e01000.display-controller: adev bind failed: -22\n lt9611uxc 0-002b: failed to attach dsi to host\n lt9611uxc 0-002b: probe with driver lt9611uxc failed with error -22",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39739",
"url": "https://www.suse.com/security/cve/CVE-2025-39739"
},
{
"category": "external",
"summary": "SUSE Bug 1249542 for CVE-2025-39739",
"url": "https://bugzilla.suse.com/1249542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39739"
},
{
"cve": "CVE-2025-39742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39742",
"url": "https://www.suse.com/security/cve/CVE-2025-39742"
},
{
"category": "external",
"summary": "SUSE Bug 1249479 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "external",
"summary": "SUSE Bug 1249480 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39742"
},
{
"cve": "CVE-2025-39743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: truncate good inode pages when hard link is 0\n\nThe fileset value of the inode copy from the disk by the reproducer is\nAGGR_RESERVED_I. When executing evict, its hard link number is 0, so its\ninode pages are not truncated. This causes the bugon to be triggered when\nexecuting clear_inode() because nrpages is greater than 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39743",
"url": "https://www.suse.com/security/cve/CVE-2025-39743"
},
{
"category": "external",
"summary": "SUSE Bug 1249489 for CVE-2025-39743",
"url": "https://bugzilla.suse.com/1249489"
},
{
"category": "external",
"summary": "SUSE Bug 1249491 for CVE-2025-39743",
"url": "https://bugzilla.suse.com/1249491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39743"
},
{
"cve": "CVE-2025-39744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Fix rcu_read_unlock() deadloop due to IRQ work\n\nDuring rcu_read_unlock_special(), if this happens during irq_exit(), we\ncan lockup if an IPI is issued. This is because the IPI itself triggers\nthe irq_exit() path causing a recursive lock up.\n\nThis is precisely what Xiongfeng found when invoking a BPF program on\nthe trace_tick_stop() tracepoint As shown in the trace below. Fix by\nmanaging the irq_work state correctly.\n\nirq_exit()\n __irq_exit_rcu()\n /* in_hardirq() returns false after this */\n preempt_count_sub(HARDIRQ_OFFSET)\n tick_irq_exit()\n tick_nohz_irq_exit()\n\t tick_nohz_stop_sched_tick()\n\t trace_tick_stop() /* a bpf prog is hooked on this trace point */\n\t\t __bpf_trace_tick_stop()\n\t\t bpf_trace_run2()\n\t\t\t rcu_read_unlock_special()\n /* will send a IPI to itself */\n\t\t\t irq_work_queue_on(\u0026rdp-\u003edefer_qs_iw, rdp-\u003ecpu);\n\nA simple reproducer can also be obtained by doing the following in\ntick_irq_exit(). It will hang on boot without the patch:\n\n static inline void tick_irq_exit(void)\n {\n +\trcu_read_lock();\n +\tWRITE_ONCE(current-\u003ercu_read_unlock_special.b.need_qs, true);\n +\trcu_read_unlock();\n +\n\n[neeraj: Apply Frederic\u0027s suggested fix for PREEMPT_RT]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39744",
"url": "https://www.suse.com/security/cve/CVE-2025-39744"
},
{
"category": "external",
"summary": "SUSE Bug 1249494 for CVE-2025-39744",
"url": "https://bugzilla.suse.com/1249494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39744"
},
{
"cve": "CVE-2025-39746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39746"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: shutdown driver when hardware is unreliable\n\nIn rare cases, ath10k may lose connection with the PCIe bus due to\nsome unknown reasons, which could further lead to system crashes during\nresuming due to watchdog timeout:\n\nath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware\nath10k_pci 0000:01:00.0: already restarting\nath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11\nath10k_pci 0000:01:00.0: failed to stop vdev 0: -11\nieee80211 phy0: PM: **** DPM device timeout ****\nCall Trace:\n panic+0x125/0x315\n dpm_watchdog_set+0x54/0x54\n dpm_watchdog_handler+0x57/0x57\n call_timer_fn+0x31/0x13c\n\nAt this point, all WMI commands will timeout and attempt to restart\ndevice. So set a threshold for consecutive restart failures. If the\nthreshold is exceeded, consider the hardware is unreliable and all\nath10k operations should be skipped to avoid system crash.\n\nfail_cont_count and pending_recovery are atomic variables, and\ndo not involve complex conditional logic. Therefore, even if recovery\ncheck and reconfig complete are executed concurrently, the recovery\nmechanism will not be broken.\n\nTested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39746",
"url": "https://www.suse.com/security/cve/CVE-2025-39746"
},
{
"category": "external",
"summary": "SUSE Bug 1249516 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "external",
"summary": "SUSE Bug 1249517 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39746"
},
{
"cve": "CVE-2025-39749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Protect -\u003edefer_qs_iw_pending from data race\n\nOn kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is\ninvoked within an interrupts-disabled region of code [1], it will invoke\nrcu_read_unlock_special(), which uses an irq-work handler to force the\nsystem to notice when the RCU read-side critical section actually ends.\nThat end won\u0027t happen until interrupts are enabled at the soonest.\n\nIn some kernels, such as those booted with rcutree.use_softirq=y, the\nirq-work handler is used unconditionally.\n\nThe per-CPU rcu_data structure\u0027s -\u003edefer_qs_iw_pending field is\nupdated by the irq-work handler and is both read and updated by\nrcu_read_unlock_special(). This resulted in the following KCSAN splat:\n\n------------------------------------------------------------------------\n\nBUG: KCSAN: data-race in rcu_preempt_deferred_qs_handler / rcu_read_unlock_special\n\nread to 0xffff96b95f42d8d8 of 1 bytes by task 90 on cpu 8:\n rcu_read_unlock_special+0x175/0x260\n __rcu_read_unlock+0x92/0xa0\n rt_spin_unlock+0x9b/0xc0\n __local_bh_enable+0x10d/0x170\n __local_bh_enable_ip+0xfb/0x150\n rcu_do_batch+0x595/0xc40\n rcu_cpu_kthread+0x4e9/0x830\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nwrite to 0xffff96b95f42d8d8 of 1 bytes by task 88 on cpu 8:\n rcu_preempt_deferred_qs_handler+0x1e/0x30\n irq_work_single+0xaf/0x160\n run_irq_workd+0x91/0xc0\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nno locks held by irq_work/8/88.\nirq event stamp: 200272\nhardirqs last enabled at (200272): [\u003cffffffffb0f56121\u003e] finish_task_switch+0x131/0x320\nhardirqs last disabled at (200271): [\u003cffffffffb25c7859\u003e] __schedule+0x129/0xd70\nsoftirqs last enabled at (0): [\u003cffffffffb0ee093f\u003e] copy_process+0x4df/0x1cc0\nsoftirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n\n------------------------------------------------------------------------\n\nThe problem is that irq-work handlers run with interrupts enabled, which\nmeans that rcu_preempt_deferred_qs_handler() could be interrupted,\nand that interrupt handler might contain an RCU read-side critical\nsection, which might invoke rcu_read_unlock_special(). In the strict\nKCSAN mode of operation used by RCU, this constitutes a data race on\nthe -\u003edefer_qs_iw_pending field.\n\nThis commit therefore disables interrupts across the portion of the\nrcu_preempt_deferred_qs_handler() that updates the -\u003edefer_qs_iw_pending\nfield. This suffices because this handler is not a fast path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39749",
"url": "https://www.suse.com/security/cve/CVE-2025-39749"
},
{
"category": "external",
"summary": "SUSE Bug 1249533 for CVE-2025-39749",
"url": "https://bugzilla.suse.com/1249533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39749"
},
{
"cve": "CVE-2025-39750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Correct tid cleanup when tid setup fails\n\nCurrently, if any error occurs during ath12k_dp_rx_peer_tid_setup(),\nthe tid value is already incremented, even though the corresponding\nTID is not actually allocated. Proceed to\nath12k_dp_rx_peer_tid_delete() starting from unallocated tid,\nwhich might leads to freeing unallocated TID and cause potential\ncrash or out-of-bounds access.\n\nHence, fix by correctly decrementing tid before cleanup to match only\nthe successfully allocated TIDs.\n\nAlso, remove tid-- from failure case of ath12k_dp_rx_peer_frag_setup(),\nas decrementing the tid before cleanup in loop will take care of this.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39750",
"url": "https://www.suse.com/security/cve/CVE-2025-39750"
},
{
"category": "external",
"summary": "SUSE Bug 1249523 for CVE-2025-39750",
"url": "https://bugzilla.suse.com/1249523"
},
{
"category": "external",
"summary": "SUSE Bug 1252715 for CVE-2025-39750",
"url": "https://bugzilla.suse.com/1252715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39750"
},
{
"cve": "CVE-2025-39751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39751"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39751",
"url": "https://www.suse.com/security/cve/CVE-2025-39751"
},
{
"category": "external",
"summary": "SUSE Bug 1249538 for CVE-2025-39751",
"url": "https://bugzilla.suse.com/1249538"
},
{
"category": "external",
"summary": "SUSE Bug 1249539 for CVE-2025-39751",
"url": "https://bugzilla.suse.com/1249539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39751"
},
{
"cve": "CVE-2025-39754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/smaps: fix race between smaps_hugetlb_range and migration\n\nsmaps_hugetlb_range() handles the pte without holdling ptl, and may be\nconcurrenct with migration, leaing to BUG_ON in pfn_swap_entry_to_page(). \nThe race is as follows.\n\nsmaps_hugetlb_range migrate_pages\n huge_ptep_get\n remove_migration_ptes\n\t\t\t\t folio_unlock\n pfn_swap_entry_folio\n BUG_ON\n\nTo fix it, hold ptl lock in smaps_hugetlb_range().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39754",
"url": "https://www.suse.com/security/cve/CVE-2025-39754"
},
{
"category": "external",
"summary": "SUSE Bug 1249524 for CVE-2025-39754",
"url": "https://bugzilla.suse.com/1249524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39754"
},
{
"cve": "CVE-2025-39757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Validate UAC3 cluster segment descriptors\n\nUAC3 class segment descriptors need to be verified whether their sizes\nmatch with the declared lengths and whether they fit with the\nallocated buffer sizes, too. Otherwise malicious firmware may lead to\nthe unexpected OOB accesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39757",
"url": "https://www.suse.com/security/cve/CVE-2025-39757"
},
{
"category": "external",
"summary": "SUSE Bug 1249515 for CVE-2025-39757",
"url": "https://bugzilla.suse.com/1249515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39757"
},
{
"cve": "CVE-2025-39758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages\n\nEver since commit c2ff29e99a76 (\"siw: Inline do_tcp_sendpages()\"),\nwe have been doing this:\n\nstatic int siw_tcp_sendpages(struct socket *s, struct page **page, int offset,\n size_t size)\n[...]\n /* Calculate the number of bytes we need to push, for this page\n * specifically */\n size_t bytes = min_t(size_t, PAGE_SIZE - offset, size);\n /* If we can\u0027t splice it, then copy it in, as normal */\n if (!sendpage_ok(page[i]))\n msg.msg_flags \u0026= ~MSG_SPLICE_PAGES;\n /* Set the bvec pointing to the page, with len $bytes */\n bvec_set_page(\u0026bvec, page[i], bytes, offset);\n /* Set the iter to $size, aka the size of the whole sendpages (!!!) */\n iov_iter_bvec(\u0026msg.msg_iter, ITER_SOURCE, \u0026bvec, 1, size);\ntry_page_again:\n lock_sock(sk);\n /* Sendmsg with $size size (!!!) */\n rv = tcp_sendmsg_locked(sk, \u0026msg, size);\n\nThis means we\u0027ve been sending oversized iov_iters and tcp_sendmsg calls\nfor a while. This has a been a benign bug because sendpage_ok() always\nreturned true. With the recent slab allocator changes being slowly\nintroduced into next (that disallow sendpage on large kmalloc\nallocations), we have recently hit out-of-bounds crashes, due to slight\ndifferences in iov_iter behavior between the MSG_SPLICE_PAGES and\n\"regular\" copy paths:\n\n(MSG_SPLICE_PAGES)\nskb_splice_from_iter\n iov_iter_extract_pages\n iov_iter_extract_bvec_pages\n uses i-\u003enr_segs to correctly stop in its tracks before OoB\u0027ing everywhere\n skb_splice_from_iter gets a \"short\" read\n\n(!MSG_SPLICE_PAGES)\nskb_copy_to_page_nocache copy=iov_iter_count\n [...]\n copy_from_iter\n /* this doesn\u0027t help */\n if (unlikely(iter-\u003ecount \u003c len))\n len = iter-\u003ecount;\n iterate_bvec\n ... and we run off the bvecs\n\nFix this by properly setting the iov_iter\u0027s byte count, plus sending the\ncorrect byte count to tcp_sendmsg_locked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39758",
"url": "https://www.suse.com/security/cve/CVE-2025-39758"
},
{
"category": "external",
"summary": "SUSE Bug 1249490 for CVE-2025-39758",
"url": "https://bugzilla.suse.com/1249490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39758"
},
{
"cve": "CVE-2025-39759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix race between quota disable and quota rescan ioctl\n\nThere\u0027s a race between a task disabling quotas and another running the\nrescan ioctl that can result in a use-after-free of qgroup records from\nthe fs_info-\u003eqgroup_tree rbtree.\n\nThis happens as follows:\n\n1) Task A enters btrfs_ioctl_quota_rescan() -\u003e btrfs_qgroup_rescan();\n\n2) Task B enters btrfs_quota_disable() and calls\n btrfs_qgroup_wait_for_completion(), which does nothing because at that\n point fs_info-\u003eqgroup_rescan_running is false (it wasn\u0027t set yet by\n task A);\n\n3) Task B calls btrfs_free_qgroup_config() which starts freeing qgroups\n from fs_info-\u003eqgroup_tree without taking the lock fs_info-\u003eqgroup_lock;\n\n4) Task A enters qgroup_rescan_zero_tracking() which starts iterating\n the fs_info-\u003eqgroup_tree tree while holding fs_info-\u003eqgroup_lock,\n but task B is freeing qgroup records from that tree without holding\n the lock, resulting in a use-after-free.\n\nFix this by taking fs_info-\u003eqgroup_lock at btrfs_free_qgroup_config().\nAlso at btrfs_qgroup_rescan() don\u0027t start the rescan worker if quotas\nwere already disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39759",
"url": "https://www.suse.com/security/cve/CVE-2025-39759"
},
{
"category": "external",
"summary": "SUSE Bug 1249522 for CVE-2025-39759",
"url": "https://bugzilla.suse.com/1249522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39759"
},
{
"cve": "CVE-2025-39760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: core: config: Prevent OOB read in SS endpoint companion parsing\n\nusb_parse_ss_endpoint_companion() checks descriptor type before length,\nenabling a potentially odd read outside of the buffer size.\n\nFix this up by checking the size first before looking at any of the\nfields in the descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39760",
"url": "https://www.suse.com/security/cve/CVE-2025-39760"
},
{
"category": "external",
"summary": "SUSE Bug 1249598 for CVE-2025-39760",
"url": "https://bugzilla.suse.com/1249598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39760"
},
{
"cve": "CVE-2025-39761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Decrement TID on RX peer frag setup error handling\n\nCurrently, TID is not decremented before peer cleanup, during error\nhandling path of ath12k_dp_rx_peer_frag_setup(). This could lead to\nout-of-bounds access in peer-\u003erx_tid[].\n\nHence, add a decrement operation for TID, before peer cleanup to\nensures proper cleanup and prevents out-of-bounds access issues when\nthe RX peer frag setup fails.\n\nFound during code review. Compile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39761",
"url": "https://www.suse.com/security/cve/CVE-2025-39761"
},
{
"category": "external",
"summary": "SUSE Bug 1249554 for CVE-2025-39761",
"url": "https://bugzilla.suse.com/1249554"
},
{
"category": "external",
"summary": "SUSE Bug 1249555 for CVE-2025-39761",
"url": "https://bugzilla.suse.com/1249555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39761"
},
{
"cve": "CVE-2025-39763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered\n\nIf a synchronous error is detected as a result of user-space process\ntriggering a 2-bit uncorrected error, the CPU will take a synchronous\nerror exception such as Synchronous External Abort (SEA) on Arm64. The\nkernel will queue a memory_failure() work which poisons the related\npage, unmaps the page, and then sends a SIGBUS to the process, so that\na system wide panic can be avoided.\n\nHowever, no memory_failure() work will be queued when abnormal\nsynchronous errors occur. These errors can include situations like\ninvalid PA, unexpected severity, no memory failure config support,\ninvalid GUID section, etc. In such a case, the user-space process will\ntrigger SEA again. This loop can potentially exceed the platform\nfirmware threshold or even trigger a kernel hard lockup, leading to a\nsystem reboot.\n\nFix it by performing a force kill if no memory_failure() work is queued\nfor synchronous errors.\n\n[ rjw: Changelog edits ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39763",
"url": "https://www.suse.com/security/cve/CVE-2025-39763"
},
{
"category": "external",
"summary": "SUSE Bug 1249615 for CVE-2025-39763",
"url": "https://bugzilla.suse.com/1249615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39763"
},
{
"cve": "CVE-2025-39764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: remove refcounting in expectation dumpers\n\nSame pattern as previous patch: do not keep the expectation object\nalive via refcount, only store a cookie value and then use that\nas the skip hint for dump resumption.\n\nAFAICS this has the same issue as the one resolved in the conntrack\ndumper, when we do\n if (!refcount_inc_not_zero(\u0026exp-\u003euse))\n\nto increment the refcount, there is a chance that exp == last, which\ncauses a double-increment of the refcount and subsequent memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39764",
"url": "https://www.suse.com/security/cve/CVE-2025-39764"
},
{
"category": "external",
"summary": "SUSE Bug 1249513 for CVE-2025-39764",
"url": "https://bugzilla.suse.com/1249513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39764"
},
{
"cve": "CVE-2025-39766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit\n\nThe following setup can trigger a WARNING in htb_activate due to\nthe condition: !cl-\u003eleaf.q-\u003eq.qlen\n\ntc qdisc del dev lo root\ntc qdisc add dev lo root handle 1: htb default 1\ntc class add dev lo parent 1: classid 1:1 \\\n htb rate 64bit\ntc qdisc add dev lo parent 1:1 handle f: \\\n cake memlimit 1b\nping -I lo -f -c1 -s64 -W0.001 127.0.0.1\n\nThis is because the low memlimit leads to a low buffer_limit, which\ncauses packet dropping. However, cake_enqueue still returns\nNET_XMIT_SUCCESS, causing htb_enqueue to call htb_activate with an\nempty child qdisc. We should return NET_XMIT_CN when packets are\ndropped from the same tin and flow.\n\nI do not believe return value of NET_XMIT_CN is necessary for packet\ndrops in the case of ack filtering, as that is meant to optimize\nperformance, not to signal congestion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39766",
"url": "https://www.suse.com/security/cve/CVE-2025-39766"
},
{
"category": "external",
"summary": "SUSE Bug 1249510 for CVE-2025-39766",
"url": "https://bugzilla.suse.com/1249510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39766"
},
{
"cve": "CVE-2025-39770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM\n\nWhen performing Generic Segmentation Offload (GSO) on an IPv6 packet that\ncontains extension headers, the kernel incorrectly requests checksum offload\nif the egress device only advertises NETIF_F_IPV6_CSUM feature, which has\na strict contract: it supports checksum offload only for plain TCP or UDP\nover IPv6 and explicitly does not support packets with extension headers.\nThe current GSO logic violates this contract by failing to disable the feature\nfor packets with extension headers, such as those used in GREoIPv6 tunnels.\n\nThis violation results in the device being asked to perform an operation\nit cannot support, leading to a `skb_warn_bad_offload` warning and a collapse\nof network throughput. While device TSO/USO is correctly bypassed in favor\nof software GSO for these packets, the GSO stack must be explicitly told not\nto request checksum offload.\n\nMask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4\nin gso_features_check if the IPv6 header contains extension headers to compute\nchecksum in software.\n\nThe exception is a BIG TCP extension, which, as stated in commit\n68e068cabd2c6c53 (\"net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\"):\n\"The feature is only enabled on devices that support BIG TCP TSO.\nThe header is only present for PF_PACKET taps like tcpdump,\nand not transmitted by physical devices.\"\n\nkernel log output (truncated):\nWARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140\n...\nCall Trace:\n \u003cTASK\u003e\n skb_checksum_help+0x12a/0x1f0\n validate_xmit_skb+0x1a3/0x2d0\n validate_xmit_skb_list+0x4f/0x80\n sch_direct_xmit+0x1a2/0x380\n __dev_xmit_skb+0x242/0x670\n __dev_queue_xmit+0x3fc/0x7f0\n ip6_finish_output2+0x25e/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel]\n ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre]\n dev_hard_start_xmit+0x63/0x1c0\n __dev_queue_xmit+0x6d0/0x7f0\n ip6_finish_output2+0x214/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n inet6_csk_xmit+0xeb/0x150\n __tcp_transmit_skb+0x555/0xa80\n tcp_write_xmit+0x32a/0xe90\n tcp_sendmsg_locked+0x437/0x1110\n tcp_sendmsg+0x2f/0x50\n...\nskb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e\nskb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00\nskb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00\nskb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00\nskb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9\nskb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01\nskb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39770",
"url": "https://www.suse.com/security/cve/CVE-2025-39770"
},
{
"category": "external",
"summary": "SUSE Bug 1249508 for CVE-2025-39770",
"url": "https://bugzilla.suse.com/1249508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39770"
},
{
"cve": "CVE-2025-39772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hisilicon/hibmc: fix the hibmc loaded failed bug\n\nWhen hibmc loaded failed, the driver use hibmc_unload to free the\nresource, but the mutexes in mode.config are not init, which will\naccess an NULL pointer. Just change goto statement to return, because\nhibnc_hw_init() doesn\u0027t need to free anything.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39772",
"url": "https://www.suse.com/security/cve/CVE-2025-39772"
},
{
"category": "external",
"summary": "SUSE Bug 1249506 for CVE-2025-39772",
"url": "https://bugzilla.suse.com/1249506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39772"
},
{
"cve": "CVE-2025-39773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix soft lockup in br_multicast_query_expired()\n\nWhen set multicast_query_interval to a large value, the local variable\n\u0027time\u0027 in br_multicast_send_query() may overflow. If the time is smaller\nthan jiffies, the timer will expire immediately, and then call mod_timer()\nagain, which creates a loop and may trigger the following soft lockup\nissue.\n\n watchdog: BUG: soft lockup - CPU#1 stuck for 221s! [rb_consumer:66]\n CPU: 1 UID: 0 PID: 66 Comm: rb_consumer Not tainted 6.16.0+ #259 PREEMPT(none)\n Call Trace:\n \u003cIRQ\u003e\n __netdev_alloc_skb+0x2e/0x3a0\n br_ip6_multicast_alloc_query+0x212/0x1b70\n __br_multicast_send_query+0x376/0xac0\n br_multicast_send_query+0x299/0x510\n br_multicast_query_expired.constprop.0+0x16d/0x1b0\n call_timer_fn+0x3b/0x2a0\n __run_timers+0x619/0x950\n run_timer_softirq+0x11c/0x220\n handle_softirqs+0x18e/0x560\n __irq_exit_rcu+0x158/0x1a0\n sysvec_apic_timer_interrupt+0x76/0x90\n \u003c/IRQ\u003e\n\nThis issue can be reproduced with:\n ip link add br0 type bridge\n echo 1 \u003e /sys/class/net/br0/bridge/multicast_querier\n echo 0xffffffffffffffff \u003e\n \t/sys/class/net/br0/bridge/multicast_query_interval\n ip link set dev br0 up\n\nThe multicast_startup_query_interval can also cause this issue. Similar to\nthe commit 99b40610956a (\"net: bridge: mcast: add and enforce query\ninterval minimum\"), add check for the query interval maximum to fix this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39773",
"url": "https://www.suse.com/security/cve/CVE-2025-39773"
},
{
"category": "external",
"summary": "SUSE Bug 1249504 for CVE-2025-39773",
"url": "https://bugzilla.suse.com/1249504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39773"
},
{
"cve": "CVE-2025-39782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: prevent softlockup in jbd2_log_do_checkpoint()\n\nBoth jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list()\nperiodically release j_list_lock after processing a batch of buffers to\navoid long hold times on the j_list_lock. However, since both functions\ncontend for j_list_lock, the combined time spent waiting and processing\ncan be significant.\n\njbd2_journal_shrink_checkpoint_list() explicitly calls cond_resched() when\nneed_resched() is true to avoid softlockups during prolonged operations.\nBut jbd2_log_do_checkpoint() only exits its loop when need_resched() is\ntrue, relying on potentially sleeping functions like __flush_batch() or\nwait_on_buffer() to trigger rescheduling. If those functions do not sleep,\nthe kernel may hit a softlockup.\n\nwatchdog: BUG: soft lockup - CPU#3 stuck for 156s! [kworker/u129:2:373]\nCPU: 3 PID: 373 Comm: kworker/u129:2 Kdump: loaded Not tainted 6.6.0+ #10\nHardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.27 06/13/2017\nWorkqueue: writeback wb_workfn (flush-7:2)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : native_queued_spin_lock_slowpath+0x358/0x418\nlr : jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\nCall trace:\n native_queued_spin_lock_slowpath+0x358/0x418\n jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\n __jbd2_log_wait_for_space+0xfc/0x2f8 [jbd2]\n add_transaction_credits+0x3bc/0x418 [jbd2]\n start_this_handle+0xf8/0x560 [jbd2]\n jbd2__journal_start+0x118/0x228 [jbd2]\n __ext4_journal_start_sb+0x110/0x188 [ext4]\n ext4_do_writepages+0x3dc/0x740 [ext4]\n ext4_writepages+0xa4/0x190 [ext4]\n do_writepages+0x94/0x228\n __writeback_single_inode+0x48/0x318\n writeback_sb_inodes+0x204/0x590\n __writeback_inodes_wb+0x54/0xf8\n wb_writeback+0x2cc/0x3d8\n wb_do_writeback+0x2e0/0x2f8\n wb_workfn+0x80/0x2a8\n process_one_work+0x178/0x3e8\n worker_thread+0x234/0x3b8\n kthread+0xf0/0x108\n ret_from_fork+0x10/0x20\n\nSo explicitly call cond_resched() in jbd2_log_do_checkpoint() to avoid\nsoftlockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39782",
"url": "https://www.suse.com/security/cve/CVE-2025-39782"
},
{
"category": "external",
"summary": "SUSE Bug 1249526 for CVE-2025-39782",
"url": "https://bugzilla.suse.com/1249526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39782"
},
{
"cve": "CVE-2025-39783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: Fix configfs group list head handling\n\nDoing a list_del() on the epf_group field of struct pci_epf_driver in\npci_epf_remove_cfs() is not correct as this field is a list head, not\na list entry. This list_del() call triggers a KASAN warning when an\nendpoint function driver which has a configfs attribute group is torn\ndown:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in pci_epf_remove_cfs+0x17c/0x198\nWrite of size 8 at addr ffff00010f4a0d80 by task rmmod/319\n\nCPU: 3 UID: 0 PID: 319 Comm: rmmod Not tainted 6.16.0-rc2 #1 NONE\nHardware name: Radxa ROCK 5B (DT)\nCall trace:\nshow_stack+0x2c/0x84 (C)\ndump_stack_lvl+0x70/0x98\nprint_report+0x17c/0x538\nkasan_report+0xb8/0x190\n__asan_report_store8_noabort+0x20/0x2c\npci_epf_remove_cfs+0x17c/0x198\npci_epf_unregister_driver+0x18/0x30\nnvmet_pci_epf_cleanup_module+0x24/0x30 [nvmet_pci_epf]\n__arm64_sys_delete_module+0x264/0x424\ninvoke_syscall+0x70/0x260\nel0_svc_common.constprop.0+0xac/0x230\ndo_el0_svc+0x40/0x58\nel0_svc+0x48/0xdc\nel0t_64_sync_handler+0x10c/0x138\nel0t_64_sync+0x198/0x19c\n...\n\nRemove this incorrect list_del() call from pci_epf_remove_cfs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39783",
"url": "https://www.suse.com/security/cve/CVE-2025-39783"
},
{
"category": "external",
"summary": "SUSE Bug 1249486 for CVE-2025-39783",
"url": "https://bugzilla.suse.com/1249486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39783"
},
{
"cve": "CVE-2025-39787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: mdt_loader: Ensure we don\u0027t read past the ELF header\n\nWhen the MDT loader is used in remoteproc, the ELF header is sanitized\nbeforehand, but that\u0027s not necessary the case for other clients.\n\nValidate the size of the firmware buffer to ensure that we don\u0027t read\npast the end as we iterate over the header. e_phentsize and e_shentsize\nare validated as well, to ensure that the assumptions about step size in\nthe traversal are valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39787",
"url": "https://www.suse.com/security/cve/CVE-2025-39787"
},
{
"category": "external",
"summary": "SUSE Bug 1249545 for CVE-2025-39787",
"url": "https://bugzilla.suse.com/1249545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39787"
},
{
"cve": "CVE-2025-39790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Detect events pointing to unexpected TREs\n\nWhen a remote device sends a completion event to the host, it contains a\npointer to the consumed TRE. The host uses this pointer to process all of\nthe TREs between it and the host\u0027s local copy of the ring\u0027s read pointer.\nThis works when processing completion for chained transactions, but can\nlead to nasty results if the device sends an event for a single-element\ntransaction with a read pointer that is multiple elements ahead of the\nhost\u0027s read pointer.\n\nFor instance, if the host accesses an event ring while the device is\nupdating it, the pointer inside of the event might still point to an old\nTRE. If the host uses the channel\u0027s xfer_cb() to directly free the buffer\npointed to by the TRE, the buffer will be double-freed.\n\nThis behavior was observed on an ep that used upstream EP stack without\n\u0027commit 6f18d174b73d (\"bus: mhi: ep: Update read pointer only after buffer\nis written\")\u0027. Where the device updated the events ring pointer before\nupdating the event contents, so it left a window where the host was able to\naccess the stale data the event pointed to, before the device had the\nchance to update them. The usual pattern was that the host received an\nevent pointing to a TRE that is not immediately after the last processed\none, so it got treated as if it was a chained transaction, processing all\nof the TREs in between the two read pointers.\n\nThis commit aims to harden the host by ensuring transactions where the\nevent points to a TRE that isn\u0027t local_rp + 1 are chained.\n\n[mani: added stable tag and reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39790",
"url": "https://www.suse.com/security/cve/CVE-2025-39790"
},
{
"category": "external",
"summary": "SUSE Bug 1249548 for CVE-2025-39790",
"url": "https://bugzilla.suse.com/1249548"
},
{
"category": "external",
"summary": "SUSE Bug 1249549 for CVE-2025-39790",
"url": "https://bugzilla.suse.com/1249549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39790"
},
{
"cve": "CVE-2025-39797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39797",
"url": "https://www.suse.com/security/cve/CVE-2025-39797"
},
{
"category": "external",
"summary": "SUSE Bug 1249608 for CVE-2025-39797",
"url": "https://bugzilla.suse.com/1249608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39797"
},
{
"cve": "CVE-2025-39798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix the setting of capabilities when automounting a new filesystem\n\nCapabilities cannot be inherited when we cross into a new filesystem.\nThey need to be reset to the minimal defaults, and then probed for\nagain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39798",
"url": "https://www.suse.com/security/cve/CVE-2025-39798"
},
{
"category": "external",
"summary": "SUSE Bug 1249774 for CVE-2025-39798",
"url": "https://bugzilla.suse.com/1249774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39798"
},
{
"cve": "CVE-2025-39800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: abort transaction on unexpected eb generation at btrfs_copy_root()\n\nIf we find an unexpected generation for the extent buffer we are cloning\nat btrfs_copy_root(), we just WARN_ON() and don\u0027t error out and abort the\ntransaction, meaning we allow to persist metadata with an unexpected\ngeneration. Instead of warning only, abort the transaction and return\n-EUCLEAN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39800",
"url": "https://www.suse.com/security/cve/CVE-2025-39800"
},
{
"category": "external",
"summary": "SUSE Bug 1250177 for CVE-2025-39800",
"url": "https://bugzilla.suse.com/1250177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39800"
},
{
"cve": "CVE-2025-39801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: Remove WARN_ON for device endpoint command timeouts\n\nThis commit addresses a rarely observed endpoint command timeout\nwhich causes kernel panic due to warn when \u0027panic_on_warn\u0027 is enabled\nand unnecessary call trace prints when \u0027panic_on_warn\u0027 is disabled.\nIt is seen during fast software-controlled connect/disconnect testcases.\nThe following is one such endpoint command timeout that we observed:\n\n1. Connect\n =======\n-\u003edwc3_thread_interrupt\n -\u003edwc3_ep0_interrupt\n -\u003econfigfs_composite_setup\n -\u003ecomposite_setup\n -\u003eusb_ep_queue\n -\u003edwc3_gadget_ep0_queue\n -\u003e__dwc3_gadget_ep0_queue\n -\u003e__dwc3_ep0_do_control_data\n -\u003edwc3_send_gadget_ep_cmd\n\n2. Disconnect\n ==========\n-\u003edwc3_thread_interrupt\n -\u003edwc3_gadget_disconnect_interrupt\n -\u003edwc3_ep0_reset_state\n -\u003edwc3_ep0_end_control_data\n -\u003edwc3_send_gadget_ep_cmd\n\nIn the issue scenario, in Exynos platforms, we observed that control\ntransfers for the previous connect have not yet been completed and end\ntransfer command sent as a part of the disconnect sequence and\nprocessing of USB_ENDPOINT_HALT feature request from the host timeout.\nThis maybe an expected scenario since the controller is processing EP\ncommands sent as a part of the previous connect. It maybe better to\nremove WARN_ON in all places where device endpoint commands are sent to\navoid unnecessary kernel panic due to warn.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39801",
"url": "https://www.suse.com/security/cve/CVE-2025-39801"
},
{
"category": "external",
"summary": "SUSE Bug 1250450 for CVE-2025-39801",
"url": "https://bugzilla.suse.com/1250450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39801"
},
{
"cve": "CVE-2025-39806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: fix slab out-of-bounds access in mt_report_fixup()\n\nA malicious HID device can trigger a slab out-of-bounds during\nmt_report_fixup() by passing in report descriptor smaller than\n607 bytes. mt_report_fixup() attempts to patch byte offset 607\nof the descriptor with 0x25 by first checking if byte offset\n607 is 0x15 however it lacks bounds checks to verify if the\ndescriptor is big enough before conducting this check. Fix\nthis bug by ensuring the descriptor size is at least 608\nbytes before accessing it.\n\nBelow is the KASAN splat after the out of bounds access happens:\n\n[ 13.671954] ==================================================================\n[ 13.672667] BUG: KASAN: slab-out-of-bounds in mt_report_fixup+0x103/0x110\n[ 13.673297] Read of size 1 at addr ffff888103df39df by task kworker/0:1/10\n[ 13.673297]\n[ 13.673297] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.15.0-00005-gec5d573d83f4-dirty #3\n[ 13.673297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/04\n[ 13.673297] Call Trace:\n[ 13.673297] \u003cTASK\u003e\n[ 13.673297] dump_stack_lvl+0x5f/0x80\n[ 13.673297] print_report+0xd1/0x660\n[ 13.673297] kasan_report+0xe5/0x120\n[ 13.673297] __asan_report_load1_noabort+0x18/0x20\n[ 13.673297] mt_report_fixup+0x103/0x110\n[ 13.673297] hid_open_report+0x1ef/0x810\n[ 13.673297] mt_probe+0x422/0x960\n[ 13.673297] hid_device_probe+0x2e2/0x6f0\n[ 13.673297] really_probe+0x1c6/0x6b0\n[ 13.673297] __driver_probe_device+0x24f/0x310\n[ 13.673297] driver_probe_device+0x4e/0x220\n[ 13.673297] __device_attach_driver+0x169/0x320\n[ 13.673297] bus_for_each_drv+0x11d/0x1b0\n[ 13.673297] __device_attach+0x1b8/0x3e0\n[ 13.673297] device_initial_probe+0x12/0x20\n[ 13.673297] bus_probe_device+0x13d/0x180\n[ 13.673297] device_add+0xe3a/0x1670\n[ 13.673297] hid_add_device+0x31d/0xa40\n[...]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39806",
"url": "https://www.suse.com/security/cve/CVE-2025-39806"
},
{
"category": "external",
"summary": "SUSE Bug 1249888 for CVE-2025-39806",
"url": "https://bugzilla.suse.com/1249888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39806"
},
{
"cve": "CVE-2025-39808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()\n\nin ntrig_report_version(), hdev parameter passed from hid_probe().\nsending descriptor to /dev/uhid can make hdev-\u003edev.parent-\u003eparent to null\nif hdev-\u003edev.parent-\u003eparent is null, usb_dev has\ninvalid address(0xffffffffffffff58) that hid_to_usb_dev(hdev) returned\nwhen usb_rcvctrlpipe() use usb_dev,it trigger\npage fault error for address(0xffffffffffffff58)\n\nadd null check logic to ntrig_report_version()\nbefore calling hid_to_usb_dev()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39808",
"url": "https://www.suse.com/security/cve/CVE-2025-39808"
},
{
"category": "external",
"summary": "SUSE Bug 1250088 for CVE-2025-39808",
"url": "https://bugzilla.suse.com/1250088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39808"
},
{
"cve": "CVE-2025-39810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix memory corruption when FW resources change during ifdown\n\nbnxt_set_dflt_rings() assumes that it is always called before any TC has\nbeen created. So it doesn\u0027t take bp-\u003enum_tc into account and assumes\nthat it is always 0 or 1.\n\nIn the FW resource or capability change scenario, the FW will return\nflags in bnxt_hwrm_if_change() that will cause the driver to\nreinitialize and call bnxt_cancel_reservations(). This will lead to\nbnxt_init_dflt_ring_mode() calling bnxt_set_dflt_rings() and bp-\u003enum_tc\nmay be greater than 1. This will cause bp-\u003etx_ring[] to be sized too\nsmall and cause memory corruption in bnxt_alloc_cp_rings().\n\nFix it by properly scaling the TX rings by bp-\u003enum_tc in the code\npaths mentioned above. Add 2 helper functions to determine\nbp-\u003etx_nr_rings and bp-\u003etx_nr_rings_per_tc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39810",
"url": "https://www.suse.com/security/cve/CVE-2025-39810"
},
{
"category": "external",
"summary": "SUSE Bug 1249975 for CVE-2025-39810",
"url": "https://bugzilla.suse.com/1249975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39810"
},
{
"cve": "CVE-2025-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: use array_index_nospec with indices that come from guest\n\nmin and dest_id are guest-controlled indices. Using array_index_nospec()\nafter the bounds checks clamps these values to mitigate speculative execution\nside-channels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39823",
"url": "https://www.suse.com/security/cve/CVE-2025-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1250002 for CVE-2025-39823",
"url": "https://bugzilla.suse.com/1250002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39823"
},
{
"cve": "CVE-2025-39824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: asus: fix UAF via HID_CLAIMED_INPUT validation\n\nAfter hid_hw_start() is called hidinput_connect() will eventually be\ncalled to set up the device with the input layer since the\nHID_CONNECT_DEFAULT connect mask is used. During hidinput_connect()\nall input and output reports are processed and corresponding hid_inputs\nare allocated and configured via hidinput_configure_usages(). This\nprocess involves slot tagging report fields and configuring usages\nby setting relevant bits in the capability bitmaps. However it is possible\nthat the capability bitmaps are not set at all leading to the subsequent\nhidinput_has_been_populated() check to fail leading to the freeing of the\nhid_input and the underlying input device.\n\nThis becomes problematic because a malicious HID device like a\nASUS ROG N-Key keyboard can trigger the above scenario via a\nspecially crafted descriptor which then leads to a user-after-free\nwhen the name of the freed input device is written to later on after\nhid_hw_start(). Below, report 93 intentionally utilises the\nHID_UP_UNDEFINED Usage Page which is skipped during usage\nconfiguration, leading to the frees.\n\n0x05, 0x0D, // Usage Page (Digitizer)\n0x09, 0x05, // Usage (Touch Pad)\n0xA1, 0x01, // Collection (Application)\n0x85, 0x0D, // Report ID (13)\n0x06, 0x00, 0xFF, // Usage Page (Vendor Defined 0xFF00)\n0x09, 0xC5, // Usage (0xC5)\n0x15, 0x00, // Logical Minimum (0)\n0x26, 0xFF, 0x00, // Logical Maximum (255)\n0x75, 0x08, // Report Size (8)\n0x95, 0x04, // Report Count (4)\n0xB1, 0x02, // Feature (Data,Var,Abs)\n0x85, 0x5D, // Report ID (93)\n0x06, 0x00, 0x00, // Usage Page (Undefined)\n0x09, 0x01, // Usage (0x01)\n0x15, 0x00, // Logical Minimum (0)\n0x26, 0xFF, 0x00, // Logical Maximum (255)\n0x75, 0x08, // Report Size (8)\n0x95, 0x1B, // Report Count (27)\n0x81, 0x02, // Input (Data,Var,Abs)\n0xC0, // End Collection\n\nBelow is the KASAN splat after triggering the UAF:\n\n[ 21.672709] ==================================================================\n[ 21.673700] BUG: KASAN: slab-use-after-free in asus_probe+0xeeb/0xf80\n[ 21.673700] Write of size 8 at addr ffff88810a0ac000 by task kworker/1:2/54\n[ 21.673700]\n[ 21.673700] CPU: 1 UID: 0 PID: 54 Comm: kworker/1:2 Not tainted 6.16.0-rc4-g9773391cf4dd-dirty #36 PREEMPT(voluntary)\n[ 21.673700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\n[ 21.673700] Call Trace:\n[ 21.673700] \u003cTASK\u003e\n[ 21.673700] dump_stack_lvl+0x5f/0x80\n[ 21.673700] print_report+0xd1/0x660\n[ 21.673700] kasan_report+0xe5/0x120\n[ 21.673700] __asan_report_store8_noabort+0x1b/0x30\n[ 21.673700] asus_probe+0xeeb/0xf80\n[ 21.673700] hid_device_probe+0x2ee/0x700\n[ 21.673700] really_probe+0x1c6/0x6b0\n[ 21.673700] __driver_probe_device+0x24f/0x310\n[ 21.673700] driver_probe_device+0x4e/0x220\n[...]\n[ 21.673700]\n[ 21.673700] Allocated by task 54:\n[ 21.673700] kasan_save_stack+0x3d/0x60\n[ 21.673700] kasan_save_track+0x18/0x40\n[ 21.673700] kasan_save_alloc_info+0x3b/0x50\n[ 21.673700] __kasan_kmalloc+0x9c/0xa0\n[ 21.673700] __kmalloc_cache_noprof+0x139/0x340\n[ 21.673700] input_allocate_device+0x44/0x370\n[ 21.673700] hidinput_connect+0xcb6/0x2630\n[ 21.673700] hid_connect+0xf74/0x1d60\n[ 21.673700] hid_hw_start+0x8c/0x110\n[ 21.673700] asus_probe+0x5a3/0xf80\n[ 21.673700] hid_device_probe+0x2ee/0x700\n[ 21.673700] really_probe+0x1c6/0x6b0\n[ 21.673700] __driver_probe_device+0x24f/0x310\n[ 21.673700] driver_probe_device+0x4e/0x220\n[...]\n[ 21.673700]\n[ 21.673700] Freed by task 54:\n[ 21.673700] kasan_save_stack+0x3d/0x60\n[ 21.673700] kasan_save_track+0x18/0x40\n[ 21.673700] kasan_save_free_info+0x3f/0x60\n[ 21.673700] __kasan_slab_free+0x3c/0x50\n[ 21.673700] kfre\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39824",
"url": "https://www.suse.com/security/cve/CVE-2025-39824"
},
{
"category": "external",
"summary": "SUSE Bug 1250007 for CVE-2025-39824",
"url": "https://bugzilla.suse.com/1250007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39824"
},
{
"cve": "CVE-2025-39825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix race with concurrent opens in rename(2)\n\nBesides sending the rename request to the server, the rename process\nalso involves closing any deferred close, waiting for outstanding I/O\nto complete as well as marking all existing open handles as deleted to\nprevent them from deferring closes, which increases the race window\nfor potential concurrent opens on the target file.\n\nFix this by unhashing the dentry in advance to prevent any concurrent\nopens on the target.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39825",
"url": "https://www.suse.com/security/cve/CVE-2025-39825"
},
{
"category": "external",
"summary": "SUSE Bug 1250179 for CVE-2025-39825",
"url": "https://bugzilla.suse.com/1250179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39825"
},
{
"cve": "CVE-2025-39826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: convert \u0027use\u0027 field to refcount_t\n\nThe \u0027use\u0027 field in struct rose_neigh is used as a reference counter but\nlacks atomicity. This can lead to race conditions where a rose_neigh\nstructure is freed while still being referenced by other code paths.\n\nFor example, when rose_neigh-\u003euse becomes zero during an ioctl operation\nvia rose_rt_ioctl(), the structure may be removed while its timer is\nstill active, potentially causing use-after-free issues.\n\nThis patch changes the type of \u0027use\u0027 from unsigned short to refcount_t and\nupdates all code paths to use rose_neigh_hold() and rose_neigh_put() which\noperate reference counts atomically.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39826",
"url": "https://www.suse.com/security/cve/CVE-2025-39826"
},
{
"category": "external",
"summary": "SUSE Bug 1250203 for CVE-2025-39826",
"url": "https://bugzilla.suse.com/1250203"
},
{
"category": "external",
"summary": "SUSE Bug 1252713 for CVE-2025-39826",
"url": "https://bugzilla.suse.com/1252713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39826"
},
{
"cve": "CVE-2025-39827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39827"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: include node references in rose_neigh refcount\n\nCurrent implementation maintains two separate reference counting\nmechanisms: the \u0027count\u0027 field in struct rose_neigh tracks references from\nrose_node structures, while the \u0027use\u0027 field (now refcount_t) tracks\nreferences from rose_sock.\n\nThis patch merges these two reference counting systems using \u0027use\u0027 field\nfor proper reference management. Specifically, this patch adds incrementing\nand decrementing of rose_neigh-\u003euse when rose_neigh-\u003ecount is incremented\nor decremented.\n\nThis patch also modifies rose_rt_free(), rose_rt_device_down() and\nrose_clear_route() to properly release references to rose_neigh objects\nbefore freeing a rose_node through rose_remove_node().\n\nThese changes ensure rose_neigh structures are properly freed only when\nall references, including those from rose_node structures, are released.\nAs a result, this resolves a slab-use-after-free issue reported by Syzbot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39827",
"url": "https://www.suse.com/security/cve/CVE-2025-39827"
},
{
"category": "external",
"summary": "SUSE Bug 1250204 for CVE-2025-39827",
"url": "https://bugzilla.suse.com/1250204"
},
{
"category": "external",
"summary": "SUSE Bug 1252714 for CVE-2025-39827",
"url": "https://bugzilla.suse.com/1252714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "important"
}
],
"title": "CVE-2025-39827"
},
{
"cve": "CVE-2025-39828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().\n\nsyzbot reported the splat below. [0]\n\nWhen atmtcp_v_open() or atmtcp_v_close() is called via connect()\nor close(), atmtcp_send_control() is called to send an in-kernel\nspecial message.\n\nThe message has ATMTCP_HDR_MAGIC in atmtcp_control.hdr.length.\nAlso, a pointer of struct atm_vcc is set to atmtcp_control.vcc.\n\nThe notable thing is struct atmtcp_control is uAPI but has a\nspace for an in-kernel pointer.\n\n struct atmtcp_control {\n \tstruct atmtcp_hdr hdr;\t/* must be first */\n ...\n \tatm_kptr_t vcc;\t\t/* both directions */\n ...\n } __ATM_API_ALIGN;\n\n typedef struct { unsigned char _[8]; } __ATM_API_ALIGN atm_kptr_t;\n\nThe special message is processed in atmtcp_recv_control() called\nfrom atmtcp_c_send().\n\natmtcp_c_send() is vcc-\u003edev-\u003eops-\u003esend() and called from 2 paths:\n\n 1. .ndo_start_xmit() (vcc-\u003esend() == atm_send_aal0())\n 2. vcc_sendmsg()\n\nThe problem is sendmsg() does not validate the message length and\nuserspace can abuse atmtcp_recv_control() to overwrite any kptr\nby atmtcp_control.\n\nLet\u0027s add a new -\u003epre_send() hook to validate messages from sendmsg().\n\n[0]:\nOops: general protection fault, probably for non-canonical address 0xdffffc00200000ab: 0000 [#1] SMP KASAN PTI\nKASAN: probably user-memory-access in range [0x0000000100000558-0x000000010000055f]\nCPU: 0 UID: 0 PID: 5865 Comm: syz-executor331 Not tainted 6.17.0-rc1-syzkaller-00215-gbab3ce404553 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:atmtcp_recv_control drivers/atm/atmtcp.c:93 [inline]\nRIP: 0010:atmtcp_c_send+0x1da/0x950 drivers/atm/atmtcp.c:297\nCode: 4d 8d 75 1a 4c 89 f0 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 15 06 00 00 41 0f b7 1e 4d 8d b7 60 05 00 00 4c 89 f0 48 c1 e8 03 \u003c42\u003e 0f b6 04 20 84 c0 0f 85 13 06 00 00 66 41 89 1e 4d 8d 75 1c 4c\nRSP: 0018:ffffc90003f5f810 EFLAGS: 00010203\nRAX: 00000000200000ab RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802a510000 RSI: 00000000ffffffff RDI: ffff888030a6068c\nRBP: ffff88802699fb40 R08: ffff888030a606eb R09: 1ffff1100614c0dd\nR10: dffffc0000000000 R11: ffffffff8718fc40 R12: dffffc0000000000\nR13: ffff888030a60680 R14: 000000010000055f R15: 00000000ffffffff\nFS: 00007f8d7e9236c0(0000) GS:ffff888125c1c000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000045ad50 CR3: 0000000075bde000 CR4: 00000000003526f0\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc60 net/atm/common.c:645\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:729\n ____sys_sendmsg+0x505/0x830 net/socket.c:2614\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668\n __sys_sendmsg net/socket.c:2700 [inline]\n __do_sys_sendmsg net/socket.c:2705 [inline]\n __se_sys_sendmsg net/socket.c:2703 [inline]\n __x64_sys_sendmsg+0x19b/0x260 net/socket.c:2703\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f8d7e96a4a9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f8d7e923198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f8d7e9f4308 RCX: 00007f8d7e96a4a9\nRDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005\nRBP: 00007f8d7e9f4300 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f8d7e9c10ac\nR13: 00007f8d7e9231a0 R14: 0000200000000200 R15: 0000200000000250\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39828",
"url": "https://www.suse.com/security/cve/CVE-2025-39828"
},
{
"category": "external",
"summary": "SUSE Bug 1250205 for CVE-2025-39828",
"url": "https://bugzilla.suse.com/1250205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39828"
},
{
"cve": "CVE-2025-39832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix lockdep assertion on sync reset unload event\n\nFix lockdep assertion triggered during sync reset unload event. When the\nsync reset flow is initiated using the devlink reload fw_activate\noption, the PF already holds the devlink lock while handling unload\nevent. In this case, delegate sync reset unload event handling back to\nthe devlink callback process to avoid double-locking and resolve the\nlockdep warning.\n\nKernel log:\nWARNING: CPU: 9 PID: 1578 at devl_assert_locked+0x31/0x40\n[...]\nCall Trace:\n\u003cTASK\u003e\n mlx5_unload_one_devl_locked+0x2c/0xc0 [mlx5_core]\n mlx5_sync_reset_unload_event+0xaf/0x2f0 [mlx5_core]\n process_one_work+0x222/0x640\n worker_thread+0x199/0x350\n kthread+0x10b/0x230\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x8e/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39832",
"url": "https://www.suse.com/security/cve/CVE-2025-39832"
},
{
"category": "external",
"summary": "SUSE Bug 1249901 for CVE-2025-39832",
"url": "https://bugzilla.suse.com/1249901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39832"
},
{
"cve": "CVE-2025-39833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: hfcpci: Fix warning when deleting uninitialized timer\n\nWith CONFIG_DEBUG_OBJECTS_TIMERS unloading hfcpci module leads\nto the following splat:\n\n[ 250.215892] ODEBUG: assert_init not available (active state 0) object: ffffffffc01a3dc0 object type: timer_list hint: 0x0\n[ 250.217520] WARNING: CPU: 0 PID: 233 at lib/debugobjects.c:612 debug_print_object+0x1b6/0x2c0\n[ 250.218775] Modules linked in: hfcpci(-) mISDN_core\n[ 250.219537] CPU: 0 UID: 0 PID: 233 Comm: rmmod Not tainted 6.17.0-rc2-g6f713187ac98 #2 PREEMPT(voluntary)\n[ 250.220940] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 250.222377] RIP: 0010:debug_print_object+0x1b6/0x2c0\n[ 250.223131] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 41 56 48 8b 14 dd a0 4e 01 9f 48 89 ee 48 c7 c7 20 46 01 9f e8 cb 84d\n[ 250.225805] RSP: 0018:ffff888015ea7c08 EFLAGS: 00010286\n[ 250.226608] RAX: 0000000000000000 RBX: 0000000000000005 RCX: ffffffff9be93a95\n[ 250.227708] RDX: 1ffff1100d945138 RSI: 0000000000000008 RDI: ffff88806ca289c0\n[ 250.228993] RBP: ffffffff9f014a00 R08: 0000000000000001 R09: ffffed1002bd4f39\n[ 250.230043] R10: ffff888015ea79cf R11: 0000000000000001 R12: 0000000000000001\n[ 250.231185] R13: ffffffff9eea0520 R14: 0000000000000000 R15: ffff888015ea7cc8\n[ 250.232454] FS: 00007f3208f01540(0000) GS:ffff8880caf5a000(0000) knlGS:0000000000000000\n[ 250.233851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 250.234856] CR2: 00007f32090a7421 CR3: 0000000004d63000 CR4: 00000000000006f0\n[ 250.236117] Call Trace:\n[ 250.236599] \u003cTASK\u003e\n[ 250.236967] ? trace_irq_enable.constprop.0+0xd4/0x130\n[ 250.237920] debug_object_assert_init+0x1f6/0x310\n[ 250.238762] ? __pfx_debug_object_assert_init+0x10/0x10\n[ 250.239658] ? __lock_acquire+0xdea/0x1c70\n[ 250.240369] __try_to_del_timer_sync+0x69/0x140\n[ 250.241172] ? __pfx___try_to_del_timer_sync+0x10/0x10\n[ 250.242058] ? __timer_delete_sync+0xc6/0x120\n[ 250.242842] ? lock_acquire+0x30/0x80\n[ 250.243474] ? __timer_delete_sync+0xc6/0x120\n[ 250.244262] __timer_delete_sync+0x98/0x120\n[ 250.245015] HFC_cleanup+0x10/0x20 [hfcpci]\n[ 250.245704] __do_sys_delete_module+0x348/0x510\n[ 250.246461] ? __pfx___do_sys_delete_module+0x10/0x10\n[ 250.247338] do_syscall_64+0xc1/0x360\n[ 250.247924] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFix this by initializing hfc_tl timer with DEFINE_TIMER macro.\nAlso, use mod_timer instead of manual timeout update.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39833",
"url": "https://www.suse.com/security/cve/CVE-2025-39833"
},
{
"category": "external",
"summary": "SUSE Bug 1250028 for CVE-2025-39833",
"url": "https://bugzilla.suse.com/1250028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39833"
},
{
"cve": "CVE-2025-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: do not propagate ENODATA disk errors into xattr code\n\nENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code;\nnamely, that the requested attribute name could not be found.\n\nHowever, a medium error from disk may also return ENODATA. At best,\nthis medium error may escape to userspace as \"attribute not found\"\nwhen in fact it\u0027s an IO (disk) error.\n\nAt worst, we may oops in xfs_attr_leaf_get() when we do:\n\n\terror = xfs_attr_leaf_hasname(args, \u0026bp);\n\tif (error == -ENOATTR) {\n\t\txfs_trans_brelse(args-\u003etrans, bp);\n\t\treturn error;\n\t}\n\nbecause an ENODATA/ENOATTR error from disk leaves us with a null bp,\nand the xfs_trans_brelse will then null-deref it.\n\nAs discussed on the list, we really need to modify the lower level\nIO functions to trap all disk errors and ensure that we don\u0027t let\nunique errors like this leak up into higher xfs functions - many\nlike this should be remapped to EIO.\n\nHowever, this patch directly addresses a reported bug in the xattr\ncode, and should be safe to backport to stable kernels. A larger-scope\npatch to handle more unique errors at lower levels can follow later.\n\n(Note, prior to 07120f1abdff we did not oops, but we did return the\nwrong error code to userspace.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39835",
"url": "https://www.suse.com/security/cve/CVE-2025-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1250025 for CVE-2025-39835",
"url": "https://bugzilla.suse.com/1250025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39835"
},
{
"cve": "CVE-2025-39838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL pointer dereference in UTF16 conversion\n\nThere can be a NULL pointer dereference bug here. NULL is passed to\n__cifs_sfu_make_node without checks, which passes it unchecked to\ncifs_strndup_to_utf16, which in turn passes it to\ncifs_local_to_utf16_bytes where \u0027*from\u0027 is dereferenced, causing a crash.\n\nThis patch adds a check for NULL \u0027src\u0027 in cifs_strndup_to_utf16 and\nreturns NULL early to prevent dereferencing NULL pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39838",
"url": "https://www.suse.com/security/cve/CVE-2025-39838"
},
{
"category": "external",
"summary": "SUSE Bug 1250365 for CVE-2025-39838",
"url": "https://bugzilla.suse.com/1250365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39838"
},
{
"cve": "CVE-2025-39839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix OOB read/write in network-coding decode\n\nbatadv_nc_skb_decode_packet() trusts coded_len and checks only against\nskb-\u003elen. XOR starts at sizeof(struct batadv_unicast_packet), reducing\npayload headroom, and the source skb length is not verified, allowing an\nout-of-bounds read and a small out-of-bounds write.\n\nValidate that coded_len fits within the payload area of both destination\nand source sk_buffs before XORing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39839",
"url": "https://www.suse.com/security/cve/CVE-2025-39839"
},
{
"category": "external",
"summary": "SUSE Bug 1250291 for CVE-2025-39839",
"url": "https://bugzilla.suse.com/1250291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39839"
},
{
"cve": "CVE-2025-39842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: prevent release journal inode after journal shutdown\n\nBefore calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already\nbeen executed in ocfs2_dismount_volume(), so osb-\u003ejournal must be NULL. \nTherefore, the following calltrace will inevitably fail when it reaches\njbd2_journal_release_jbd_inode().\n\nocfs2_dismount_volume()-\u003e\n ocfs2_delete_osb()-\u003e\n ocfs2_free_slot_info()-\u003e\n __ocfs2_free_slot_info()-\u003e\n evict()-\u003e\n ocfs2_evict_inode()-\u003e\n ocfs2_clear_inode()-\u003e\n\t jbd2_journal_release_jbd_inode(osb-\u003ejournal-\u003ej_journal,\n\nAdding osb-\u003ejournal checks will prevent null-ptr-deref during the above\nexecution path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39842",
"url": "https://www.suse.com/security/cve/CVE-2025-39842"
},
{
"category": "external",
"summary": "SUSE Bug 1250267 for CVE-2025-39842",
"url": "https://bugzilla.suse.com/1250267"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39842"
},
{
"cve": "CVE-2025-39844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: move page table sync declarations to linux/pgtable.h\n\nDuring our internal testing, we started observing intermittent boot\nfailures when the machine uses 4-level paging and has a large amount of\npersistent memory:\n\n BUG: unable to handle page fault for address: ffffe70000000034\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0 \n Oops: 0002 [#1] SMP NOPTI\n RIP: 0010:__init_single_page+0x9/0x6d\n Call Trace:\n \u003cTASK\u003e\n __init_zone_device_page+0x17/0x5d\n memmap_init_zone_device+0x154/0x1bb\n pagemap_range+0x2e0/0x40f\n memremap_pages+0x10b/0x2f0\n devm_memremap_pages+0x1e/0x60\n dev_dax_probe+0xce/0x2ec [device_dax]\n dax_bus_probe+0x6d/0xc9\n [... snip ...]\n \u003c/TASK\u003e\n\nIt turns out that the kernel panics while initializing vmemmap (struct\npage array) when the vmemmap region spans two PGD entries, because the new\nPGD entry is only installed in init_mm.pgd, but not in the page tables of\nother tasks.\n\nAnd looking at __populate_section_memmap():\n if (vmemmap_can_optimize(altmap, pgmap)) \n // does not sync top level page tables\n r = vmemmap_populate_compound_pages(pfn, start, end, nid, pgmap);\n else \n // sync top level page tables in x86\n r = vmemmap_populate(start, end, nid, altmap);\n\nIn the normal path, vmemmap_populate() in arch/x86/mm/init_64.c\nsynchronizes the top level page table (See commit 9b861528a801 (\"x86-64,\nmem: Update all PGDs for direct mapping and vmemmap mapping changes\")) so\nthat all tasks in the system can see the new vmemmap area.\n\nHowever, when vmemmap_can_optimize() returns true, the optimized path\nskips synchronization of top-level page tables. This is because\nvmemmap_populate_compound_pages() is implemented in core MM code, which\ndoes not handle synchronization of the top-level page tables. Instead,\nthe core MM has historically relied on each architecture to perform this\nsynchronization manually.\n\nWe\u0027re not the first party to encounter a crash caused by not-sync\u0027d top\nlevel page tables: earlier this year, Gwan-gyeong Mun attempted to address\nthe issue [1] [2] after hitting a kernel panic when x86 code accessed the\nvmemmap area before the corresponding top-level entries were synced. At\nthat time, the issue was believed to be triggered only when struct page\nwas enlarged for debugging purposes, and the patch did not get further\nupdates.\n\nIt turns out that current approach of relying on each arch to handle the\npage table sync manually is fragile because 1) it\u0027s easy to forget to sync\nthe top level page table, and 2) it\u0027s also easy to overlook that the\nkernel should not access the vmemmap and direct mapping areas before the\nsync.\n\n# The solution: Make page table sync more code robust and harder to miss\n\nTo address this, Dave Hansen suggested [3] [4] introducing\n{pgd,p4d}_populate_kernel() for updating kernel portion of the page tables\nand allow each architecture to explicitly perform synchronization when\ninstalling top-level entries. With this approach, we no longer need to\nworry about missing the sync step, reducing the risk of future\nregressions.\n\nThe new interface reuses existing ARCH_PAGE_TABLE_SYNC_MASK,\nPGTBL_P*D_MODIFIED and arch_sync_kernel_mappings() facility used by\nvmalloc and ioremap to synchronize page tables.\n\npgd_populate_kernel() looks like this:\nstatic inline void pgd_populate_kernel(unsigned long addr, pgd_t *pgd,\n p4d_t *p4d)\n{\n pgd_populate(\u0026init_mm, pgd, p4d);\n if (ARCH_PAGE_TABLE_SYNC_MASK \u0026 PGTBL_PGD_MODIFIED)\n arch_sync_kernel_mappings(addr, addr);\n}\n\nIt is worth noting that vmalloc() and apply_to_range() carefully\nsynchronizes page tables by calling p*d_alloc_track() and\narch_sync_kernel_mappings(), and thus they are not affected by\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39844",
"url": "https://www.suse.com/security/cve/CVE-2025-39844"
},
{
"category": "external",
"summary": "SUSE Bug 1250268 for CVE-2025-39844",
"url": "https://bugzilla.suse.com/1250268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39844"
},
{
"cve": "CVE-2025-39845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings()\n\nDefine ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure\npage tables are properly synchronized when calling p*d_populate_kernel().\n\nFor 5-level paging, synchronization is performed via\npgd_populate_kernel(). In 4-level paging, pgd_populate() is a no-op, so\nsynchronization is instead performed at the P4D level via\np4d_populate_kernel().\n\nThis fixes intermittent boot failures on systems using 4-level paging and\na large amount of persistent memory:\n\n BUG: unable to handle page fault for address: ffffe70000000034\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: 0002 [#1] SMP NOPTI\n RIP: 0010:__init_single_page+0x9/0x6d\n Call Trace:\n \u003cTASK\u003e\n __init_zone_device_page+0x17/0x5d\n memmap_init_zone_device+0x154/0x1bb\n pagemap_range+0x2e0/0x40f\n memremap_pages+0x10b/0x2f0\n devm_memremap_pages+0x1e/0x60\n dev_dax_probe+0xce/0x2ec [device_dax]\n dax_bus_probe+0x6d/0xc9\n [... snip ...]\n \u003c/TASK\u003e\n\nIt also fixes a crash in vmemmap_set_pmd() caused by accessing vmemmap\nbefore sync_global_pgds() [1]:\n\n BUG: unable to handle page fault for address: ffffeb3ff1200000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0002 [#1] PREEMPT SMP NOPTI\n Tainted: [W]=WARN\n RIP: 0010:vmemmap_set_pmd+0xff/0x230\n \u003cTASK\u003e\n vmemmap_populate_hugepages+0x176/0x180\n vmemmap_populate+0x34/0x80\n __populate_section_memmap+0x41/0x90\n sparse_add_section+0x121/0x3e0\n __add_pages+0xba/0x150\n add_pages+0x1d/0x70\n memremap_pages+0x3dc/0x810\n devm_memremap_pages+0x1c/0x60\n xe_devm_add+0x8b/0x100 [xe]\n xe_tile_init_noalloc+0x6a/0x70 [xe]\n xe_device_probe+0x48c/0x740 [xe]\n [... snip ...]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39845",
"url": "https://www.suse.com/security/cve/CVE-2025-39845"
},
{
"category": "external",
"summary": "SUSE Bug 1250262 for CVE-2025-39845",
"url": "https://bugzilla.suse.com/1250262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39845"
},
{
"cve": "CVE-2025-39846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()\n\nIn __iodyn_find_io_region(), pcmcia_make_resource() is assigned to\nres and used in pci_bus_alloc_resource(). There is a dereference of res\nin pci_bus_alloc_resource(), which could lead to a NULL pointer\ndereference on failure of pcmcia_make_resource().\n\nFix this bug by adding a check of res.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39846",
"url": "https://www.suse.com/security/cve/CVE-2025-39846"
},
{
"category": "external",
"summary": "SUSE Bug 1250263 for CVE-2025-39846",
"url": "https://bugzilla.suse.com/1250263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39846"
},
{
"cve": "CVE-2025-39847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: fix memory leak in pad_compress_skb\n\nIf alloc_skb() fails in pad_compress_skb(), it returns NULL without\nreleasing the old skb. The caller does:\n\n skb = pad_compress_skb(ppp, skb);\n if (!skb)\n goto drop;\n\ndrop:\n kfree_skb(skb);\n\nWhen pad_compress_skb() returns NULL, the reference to the old skb is\nlost and kfree_skb(skb) ends up doing nothing, leading to a memory leak.\n\nAlign pad_compress_skb() semantics with realloc(): only free the old\nskb if allocation and compression succeed. At the call site, use the\nnew_skb variable so the original skb is not lost when pad_compress_skb()\nfails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39847",
"url": "https://www.suse.com/security/cve/CVE-2025-39847"
},
{
"category": "external",
"summary": "SUSE Bug 1250292 for CVE-2025-39847",
"url": "https://bugzilla.suse.com/1250292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39847"
},
{
"cve": "CVE-2025-39848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: properly unshare skbs in ax25_kiss_rcv()\n\nBernard Pidoux reported a regression apparently caused by commit\nc353e8983e0d (\"net: introduce per netns packet chains\").\n\nskb-\u003edev becomes NULL and we crash in __netif_receive_skb_core().\n\nBefore above commit, different kind of bugs or corruptions could happen\nwithout a major crash.\n\nBut the root cause is that ax25_kiss_rcv() can queue/mangle input skb\nwithout checking if this skb is shared or not.\n\nMany thanks to Bernard Pidoux for his help, diagnosis and tests.\n\nWe had a similar issue years ago fixed with commit 7aaed57c5c28\n(\"phonet: properly unshare skbs in phonet_rcv()\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39848",
"url": "https://www.suse.com/security/cve/CVE-2025-39848"
},
{
"category": "external",
"summary": "SUSE Bug 1250298 for CVE-2025-39848",
"url": "https://bugzilla.suse.com/1250298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39848"
},
{
"cve": "CVE-2025-39849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()\n\nIf the ssid-\u003edatalen is more than IEEE80211_MAX_SSID_LEN (32) it would\nlead to memory corruption so add some bounds checking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39849",
"url": "https://www.suse.com/security/cve/CVE-2025-39849"
},
{
"category": "external",
"summary": "SUSE Bug 1250266 for CVE-2025-39849",
"url": "https://bugzilla.suse.com/1250266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39849"
},
{
"cve": "CVE-2025-39850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects\n\nWhen the \"proxy\" option is enabled on a VXLAN device, the device will\nsuppress ARP requests and IPv6 Neighbor Solicitation messages if it is\nable to reply on behalf of the remote host. That is, if a matching and\nvalid neighbor entry is configured on the VXLAN device whose MAC address\nis not behind the \"any\" remote (0.0.0.0 / ::).\n\nThe code currently assumes that the FDB entry for the neighbor\u0027s MAC\naddress points to a valid remote destination, but this is incorrect if\nthe entry is associated with an FDB nexthop group. This can result in a\nNPD [1][3] which can be reproduced using [2][4].\n\nFix by checking that the remote destination exists before dereferencing\nit.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n[...]\nCPU: 4 UID: 0 PID: 365 Comm: arping Not tainted 6.17.0-rc2-virtme-g2a89cb21162c #2 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc41 04/01/2014\nRIP: 0010:vxlan_xmit+0xb58/0x15f0\n[...]\nCall Trace:\n \u003cTASK\u003e\n dev_hard_start_xmit+0x5d/0x1c0\n __dev_queue_xmit+0x246/0xfd0\n packet_sendmsg+0x113a/0x1850\n __sock_sendmsg+0x38/0x70\n __sys_sendto+0x126/0x180\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n[2]\n #!/bin/bash\n\n ip address add 192.0.2.1/32 dev lo\n\n ip nexthop add id 1 via 192.0.2.2 fdb\n ip nexthop add id 10 group 1 fdb\n\n ip link add name vx0 up type vxlan id 10010 local 192.0.2.1 dstport 4789 proxy\n\n ip neigh add 192.0.2.3 lladdr 00:11:22:33:44:55 nud perm dev vx0\n\n bridge fdb add 00:11:22:33:44:55 dev vx0 self static nhid 10\n\n arping -b -c 1 -s 192.0.2.1 -I vx0 192.0.2.3\n\n[3]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n[...]\nCPU: 13 UID: 0 PID: 372 Comm: ndisc6 Not tainted 6.17.0-rc2-virtmne-g6ee90cb26014 #3 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1v996), BIOS 1.17.0-4.fc41 04/01/2x014\nRIP: 0010:vxlan_xmit+0x803/0x1600\n[...]\nCall Trace:\n \u003cTASK\u003e\n dev_hard_start_xmit+0x5d/0x1c0\n __dev_queue_xmit+0x246/0xfd0\n ip6_finish_output2+0x210/0x6c0\n ip6_finish_output+0x1af/0x2b0\n ip6_mr_output+0x92/0x3e0\n ip6_send_skb+0x30/0x90\n rawv6_sendmsg+0xe6e/0x12e0\n __sock_sendmsg+0x38/0x70\n __sys_sendto+0x126/0x180\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f383422ec77\n\n[4]\n #!/bin/bash\n\n ip address add 2001:db8:1::1/128 dev lo\n\n ip nexthop add id 1 via 2001:db8:1::1 fdb\n ip nexthop add id 10 group 1 fdb\n\n ip link add name vx0 up type vxlan id 10010 local 2001:db8:1::1 dstport 4789 proxy\n\n ip neigh add 2001:db8:1::3 lladdr 00:11:22:33:44:55 nud perm dev vx0\n\n bridge fdb add 00:11:22:33:44:55 dev vx0 self static nhid 10\n\n ndisc6 -r 1 -s 2001:db8:1::1 -w 1 2001:db8:1::3 vx0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39850",
"url": "https://www.suse.com/security/cve/CVE-2025-39850"
},
{
"category": "external",
"summary": "SUSE Bug 1250276 for CVE-2025-39850",
"url": "https://bugzilla.suse.com/1250276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39850"
},
{
"cve": "CVE-2025-39853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix potential invalid access when MAC list is empty\n\nlist_first_entry() never returns NULL - if the list is empty, it still\nreturns a pointer to an invalid object, leading to potential invalid\nmemory access when dereferenced.\n\nFix this by using list_first_entry_or_null instead of list_first_entry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39853",
"url": "https://www.suse.com/security/cve/CVE-2025-39853"
},
{
"category": "external",
"summary": "SUSE Bug 1250275 for CVE-2025-39853",
"url": "https://bugzilla.suse.com/1250275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39853"
},
{
"cve": "CVE-2025-39854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix NULL access of tx-\u003ein_use in ice_ll_ts_intr\n\nRecent versions of the E810 firmware have support for an extra interrupt to\nhandle report of the \"low latency\" Tx timestamps coming from the\nspecialized low latency firmware interface. Instead of polling the\nregisters, software can wait until the low latency interrupt is fired.\n\nThis logic makes use of the Tx timestamp tracking structure, ice_ptp_tx, as\nit uses the same \"ready\" bitmap to track which Tx timestamps complete.\n\nUnfortunately, the ice_ll_ts_intr() function does not check if the\ntracker is initialized before its first access. This results in NULL\ndereference or use-after-free bugs similar to the issues fixed in the\nice_ptp_ts_irq() function.\n\nFix this by only checking the in_use bitmap (and other fields) if the\ntracker is marked as initialized. The reset flow will clear the init field\nunder lock before it tears the tracker down, thus preventing any\nuse-after-free or NULL access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39854",
"url": "https://www.suse.com/security/cve/CVE-2025-39854"
},
{
"category": "external",
"summary": "SUSE Bug 1250297 for CVE-2025-39854",
"url": "https://bugzilla.suse.com/1250297"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39854"
},
{
"cve": "CVE-2025-39857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync()\n\nBUG: kernel NULL pointer dereference, address: 00000000000002ec\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 28 UID: 0 PID: 343 Comm: kworker/28:1 Kdump: loaded Tainted: G OE 6.17.0-rc2+ #9 NONE\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\nWorkqueue: smc_hs_wq smc_listen_work [smc]\nRIP: 0010:smc_ib_is_sg_need_sync+0x9e/0xd0 [smc]\n...\nCall Trace:\n \u003cTASK\u003e\n smcr_buf_map_link+0x211/0x2a0 [smc]\n __smc_buf_create+0x522/0x970 [smc]\n smc_buf_create+0x3a/0x110 [smc]\n smc_find_rdma_v2_device_serv+0x18f/0x240 [smc]\n ? smc_vlan_by_tcpsk+0x7e/0xe0 [smc]\n smc_listen_find_device+0x1dd/0x2b0 [smc]\n smc_listen_work+0x30f/0x580 [smc]\n process_one_work+0x18c/0x340\n worker_thread+0x242/0x360\n kthread+0xe7/0x220\n ret_from_fork+0x13a/0x160\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nIf the software RoCE device is used, ibdev-\u003edma_device is a null pointer.\nAs a result, the problem occurs. Null pointer detection is added to\nprevent problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39857",
"url": "https://www.suse.com/security/cve/CVE-2025-39857"
},
{
"category": "external",
"summary": "SUSE Bug 1250251 for CVE-2025-39857",
"url": "https://bugzilla.suse.com/1250251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39857"
},
{
"cve": "CVE-2025-39860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()\n\nsyzbot reported the splat below without a repro.\n\nIn the splat, a single thread calling bt_accept_dequeue() freed sk\nand touched it after that.\n\nThe root cause would be the racy l2cap_sock_cleanup_listen() call\nadded by the cited commit.\n\nbt_accept_dequeue() is called under lock_sock() except for\nl2cap_sock_release().\n\nTwo threads could see the same socket during the list iteration\nin bt_accept_dequeue():\n\n CPU1 CPU2 (close())\n ---- ----\n sock_hold(sk) sock_hold(sk);\n lock_sock(sk) \u003c-- block close()\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) \u003c-- refcnt by bt_accept_enqueue()\n release_sock(sk)\n lock_sock(sk)\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) \u003c-- last refcnt\n bt_accept_unlink(sk) \u003c-- UAF\n\nDepending on the timing, the other thread could show up in the\n\"Freed by task\" part.\n\nLet\u0027s call l2cap_sock_cleanup_listen() under lock_sock() in\nl2cap_sock_release().\n\n[0]:\nBUG: KASAN: slab-use-after-free in debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\nBUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\nRead of size 4 at addr ffff88803b7eb1c4 by task syz.5.3276/16995\nCPU: 3 UID: 0 PID: 16995 Comm: syz.5.3276 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcd/0x630 mm/kasan/report.c:482\n kasan_report+0xe0/0x110 mm/kasan/report.c:595\n debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\n do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n release_sock+0x21/0x220 net/core/sock.c:3746\n bt_accept_dequeue+0x505/0x600 net/bluetooth/af_bluetooth.c:312\n l2cap_sock_cleanup_listen+0x5c/0x2a0 net/bluetooth/l2cap_sock.c:1451\n l2cap_sock_release+0x5c/0x210 net/bluetooth/l2cap_sock.c:1425\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x3ff/0xb70 fs/file_table.c:468\n task_work_run+0x14d/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xeb/0x110 kernel/entry/common.c:43\n exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]\n do_syscall_64+0x3f6/0x4c0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2accf8ebe9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffdb6cb1378 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 00000000000426fb RCX: 00007f2accf8ebe9\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007f2acd1b7da0 R08: 0000000000000001 R09: 00000012b6cb166f\nR10: 0000001b30e20000 R11: 0000000000000246 R12: 00007f2acd1b609c\nR13: 00007f2acd1b6090 R14: ffffffffffffffff R15: 00007ffdb6cb1490\n \u003c/TASK\u003e\n\nAllocated by task 5326:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4365 [inline]\n __kmalloc_nopro\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39860",
"url": "https://www.suse.com/security/cve/CVE-2025-39860"
},
{
"category": "external",
"summary": "SUSE Bug 1250247 for CVE-2025-39860",
"url": "https://bugzilla.suse.com/1250247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39860"
},
{
"cve": "CVE-2025-39861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: vhci: Prevent use-after-free by removing debugfs files early\n\nMove the creation of debugfs files into a dedicated function, and ensure\nthey are explicitly removed during vhci_release(), before associated\ndata structures are freed.\n\nPreviously, debugfs files such as \"force_suspend\", \"force_wakeup\", and\nothers were created under hdev-\u003edebugfs but not removed in\nvhci_release(). Since vhci_release() frees the backing vhci_data\nstructure, any access to these files after release would result in\nuse-after-free errors.\n\nAlthough hdev-\u003edebugfs is later freed in hci_release_dev(), user can\naccess files after vhci_data is freed but before hdev-\u003edebugfs is\nreleased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39861",
"url": "https://www.suse.com/security/cve/CVE-2025-39861"
},
{
"category": "external",
"summary": "SUSE Bug 1250249 for CVE-2025-39861",
"url": "https://bugzilla.suse.com/1250249"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39861"
},
{
"cve": "CVE-2025-39863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work\n\nThe brcmf_btcoex_detach() only shuts down the btcoex timer, if the\nflag timer_on is false. However, the brcmf_btcoex_timerfunc(), which\nruns as timer handler, sets timer_on to false. This creates critical\nrace conditions:\n\n1.If brcmf_btcoex_detach() is called while brcmf_btcoex_timerfunc()\nis executing, it may observe timer_on as false and skip the call to\ntimer_shutdown_sync().\n\n2.The brcmf_btcoex_timerfunc() may then reschedule the brcmf_btcoex_info\nworker after the cancel_work_sync() has been executed, resulting in\nuse-after-free bugs.\n\nThe use-after-free bugs occur in two distinct scenarios, depending on\nthe timing of when the brcmf_btcoex_info struct is freed relative to\nthe execution of its worker thread.\n\nScenario 1: Freed before the worker is scheduled\n\nThe brcmf_btcoex_info is deallocated before the worker is scheduled.\nA race condition can occur when schedule_work(\u0026bt_local-\u003ework) is\ncalled after the target memory has been freed. The sequence of events\nis detailed below:\n\nCPU0 | CPU1\nbrcmf_btcoex_detach | brcmf_btcoex_timerfunc\n | bt_local-\u003etimer_on = false;\n if (cfg-\u003ebtcoex-\u003etimer_on) |\n ... |\n cancel_work_sync(); |\n ... |\n kfree(cfg-\u003ebtcoex); // FREE |\n | schedule_work(\u0026bt_local-\u003ework); // USE\n\nScenario 2: Freed after the worker is scheduled\n\nThe brcmf_btcoex_info is freed after the worker has been scheduled\nbut before or during its execution. In this case, statements within\nthe brcmf_btcoex_handler() - such as the container_of macro and\nsubsequent dereferences of the brcmf_btcoex_info object will cause\na use-after-free access. The following timeline illustrates this\nscenario:\n\nCPU0 | CPU1\nbrcmf_btcoex_detach | brcmf_btcoex_timerfunc\n | bt_local-\u003etimer_on = false;\n if (cfg-\u003ebtcoex-\u003etimer_on) |\n ... |\n cancel_work_sync(); |\n ... | schedule_work(); // Reschedule\n |\n kfree(cfg-\u003ebtcoex); // FREE | brcmf_btcoex_handler() // Worker\n /* | btci = container_of(....); // USE\n The kfree() above could | ...\n also occur at any point | btci-\u003e // USE\n during the worker\u0027s execution|\n */ |\n\nTo resolve the race conditions, drop the conditional check and call\ntimer_shutdown_sync() directly. It can deactivate the timer reliably,\nregardless of its current state. Once stopped, the timer_on state is\nthen set to false.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39863",
"url": "https://www.suse.com/security/cve/CVE-2025-39863"
},
{
"category": "external",
"summary": "SUSE Bug 1250281 for CVE-2025-39863",
"url": "https://bugzilla.suse.com/1250281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39863"
},
{
"cve": "CVE-2025-39864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: fix use-after-free in cmp_bss()\n\nFollowing bss_free() quirk introduced in commit 776b3580178f\n(\"cfg80211: track hidden SSID networks properly\"), adjust\ncfg80211_update_known_bss() to free the last beacon frame\nelements only if they\u0027re not shared via the corresponding\n\u0027hidden_beacon_bss\u0027 pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39864",
"url": "https://www.suse.com/security/cve/CVE-2025-39864"
},
{
"category": "external",
"summary": "SUSE Bug 1250242 for CVE-2025-39864",
"url": "https://bugzilla.suse.com/1250242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39864"
},
{
"cve": "CVE-2025-39865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: fix NULL pointer dereference in tee_shm_put\n\ntee_shm_put have NULL pointer dereference:\n\n__optee_disable_shm_cache --\u003e\n\tshm = reg_pair_to_ptr(...);//shm maybe return NULL\n tee_shm_free(shm); --\u003e\n\t\ttee_shm_put(shm);//crash\n\nAdd check in tee_shm_put to fix it.\n\npanic log:\nUnable to handle kernel paging request at virtual address 0000000000100cca\nMem abort info:\nESR = 0x0000000096000004\nEC = 0x25: DABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x04: level 0 translation fault\nData abort info:\nISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\nCM = 0, WnR = 0, TnD = 0, TagAccess = 0\nGCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=0000002049d07000\n[0000000000100cca] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] SMP\nCPU: 2 PID: 14442 Comm: systemd-sleep Tainted: P OE ------- ----\n6.6.0-39-generic #38\nSource Version: 938b255f6cb8817c95b0dd5c8c2944acfce94b07\nHardware name: greatwall GW-001Y1A-FTH, BIOS Great Wall BIOS V3.0\n10/26/2022\npstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : tee_shm_put+0x24/0x188\nlr : tee_shm_free+0x14/0x28\nsp : ffff001f98f9faf0\nx29: ffff001f98f9faf0 x28: ffff0020df543cc0 x27: 0000000000000000\nx26: ffff001f811344a0 x25: ffff8000818dac00 x24: ffff800082d8d048\nx23: ffff001f850fcd18 x22: 0000000000000001 x21: ffff001f98f9fb88\nx20: ffff001f83e76218 x19: ffff001f83e761e0 x18: 000000000000ffff\nx17: 303a30303a303030 x16: 0000000000000000 x15: 0000000000000003\nx14: 0000000000000001 x13: 0000000000000000 x12: 0101010101010101\nx11: 0000000000000001 x10: 0000000000000001 x9 : ffff800080e08d0c\nx8 : ffff001f98f9fb88 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\nx2 : ffff001f83e761e0 x1 : 00000000ffff001f x0 : 0000000000100cca\nCall trace:\ntee_shm_put+0x24/0x188\ntee_shm_free+0x14/0x28\n__optee_disable_shm_cache+0xa8/0x108\noptee_shutdown+0x28/0x38\nplatform_shutdown+0x28/0x40\ndevice_shutdown+0x144/0x2b0\nkernel_power_off+0x3c/0x80\nhibernate+0x35c/0x388\nstate_store+0x64/0x80\nkobj_attr_store+0x14/0x28\nsysfs_kf_write+0x48/0x60\nkernfs_fop_write_iter+0x128/0x1c0\nvfs_write+0x270/0x370\nksys_write+0x6c/0x100\n__arm64_sys_write+0x20/0x30\ninvoke_syscall+0x4c/0x120\nel0_svc_common.constprop.0+0x44/0xf0\ndo_el0_svc+0x24/0x38\nel0_svc+0x24/0x88\nel0t_64_sync_handler+0x134/0x150\nel0t_64_sync+0x14c/0x15",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39865",
"url": "https://www.suse.com/security/cve/CVE-2025-39865"
},
{
"category": "external",
"summary": "SUSE Bug 1250294 for CVE-2025-39865",
"url": "https://bugzilla.suse.com/1250294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39865"
},
{
"cve": "CVE-2025-39869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Fix memory allocation size for queue_priority_map\n\nFix a critical memory allocation bug in edma_setup_from_hw() where\nqueue_priority_map was allocated with insufficient memory. The code\ndeclared queue_priority_map as s8 (*)[2] (pointer to array of 2 s8),\nbut allocated memory using sizeof(s8) instead of the correct size.\n\nThis caused out-of-bounds memory writes when accessing:\n queue_priority_map[i][0] = i;\n queue_priority_map[i][1] = i;\n\nThe bug manifested as kernel crashes with \"Oops - undefined instruction\"\non ARM platforms (BeagleBoard-X15) during EDMA driver probe, as the\nmemory corruption triggered kernel hardening features on Clang.\n\nChange the allocation to use sizeof(*queue_priority_map) which\nautomatically gets the correct size for the 2D array structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39869",
"url": "https://www.suse.com/security/cve/CVE-2025-39869"
},
{
"category": "external",
"summary": "SUSE Bug 1250406 for CVE-2025-39869",
"url": "https://bugzilla.suse.com/1250406"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39869"
},
{
"cve": "CVE-2025-39870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix double free in idxd_setup_wqs()\n\nThe clean up in idxd_setup_wqs() has had a couple bugs because the error\nhandling is a bit subtle. It\u0027s simpler to just re-write it in a cleaner\nway. The issues here are:\n\n1) If \"idxd-\u003emax_wqs\" is \u003c= 0 then we call put_device(conf_dev) when\n \"conf_dev\" hasn\u0027t been initialized.\n2) If kzalloc_node() fails then again \"conf_dev\" is invalid. It\u0027s\n either uninitialized or it points to the \"conf_dev\" from the\n previous iteration so it leads to a double free.\n\nIt\u0027s better to free partial loop iterations within the loop and then\nthe unwinding at the end can handle whole loop iterations. I also\nrenamed the labels to describe what the goto does and not where the goto\nwas located.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39870",
"url": "https://www.suse.com/security/cve/CVE-2025-39870"
},
{
"category": "external",
"summary": "SUSE Bug 1250402 for CVE-2025-39870",
"url": "https://bugzilla.suse.com/1250402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39870"
},
{
"cve": "CVE-2025-39871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Remove improper idxd_free\n\nThe call to idxd_free() introduces a duplicate put_device() leading to a\nreference count underflow:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 15 PID: 4428 at lib/refcount.c:28 refcount_warn_saturate+0xbe/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n idxd_remove+0xe4/0x120 [idxd]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x197/0x200\n driver_detach+0x48/0x90\n bus_remove_driver+0x74/0xf0\n pci_unregister_driver+0x2e/0xb0\n idxd_exit_module+0x34/0x7a0 [idxd]\n __do_sys_delete_module.constprop.0+0x183/0x280\n do_syscall_64+0x54/0xd70\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe idxd_unregister_devices() which is invoked at the very beginning of\nidxd_remove(), already takes care of the necessary put_device() through the\nfollowing call path:\nidxd_unregister_devices() -\u003e device_unregister() -\u003e put_device()\n\nIn addition, when CONFIG_DEBUG_KOBJECT_RELEASE is enabled, put_device() may\ntrigger asynchronous cleanup via schedule_delayed_work(). If idxd_free() is\ncalled immediately after, it can result in a use-after-free.\n\nRemove the improper idxd_free() to avoid both the refcount underflow and\npotential memory corruption during module unload.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39871",
"url": "https://www.suse.com/security/cve/CVE-2025-39871"
},
{
"category": "external",
"summary": "SUSE Bug 1250377 for CVE-2025-39871",
"url": "https://bugzilla.suse.com/1250377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39871"
},
{
"cve": "CVE-2025-39873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB\n\ncan_put_echo_skb() takes ownership of the SKB and it may be freed\nduring or after the call.\n\nHowever, xilinx_can xcan_write_frame() keeps using SKB after the call.\n\nFix that by only calling can_put_echo_skb() after the code is done\ntouching the SKB.\n\nThe tx_lock is held for the entire xcan_write_frame() execution and\nalso on the can_get_echo_skb() side so the order of operations does not\nmatter.\n\nAn earlier fix commit 3d3c817c3a40 (\"can: xilinx_can: Fix usage of skb\nmemory\") did not move the can_put_echo_skb() call far enough.\n\n[mkl: add \"commit\" in front of sha1 in patch description]\n[mkl: fix indention]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39873",
"url": "https://www.suse.com/security/cve/CVE-2025-39873"
},
{
"category": "external",
"summary": "SUSE Bug 1250371 for CVE-2025-39873",
"url": "https://bugzilla.suse.com/1250371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39873"
},
{
"cve": "CVE-2025-39882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: fix potential OF node use-after-free\n\nThe for_each_child_of_node() helper drops the reference it takes to each\nnode as it iterates over children and an explicit of_node_put() is only\nneeded when exiting the loop early.\n\nDrop the recently introduced bogus additional reference count decrement\nat each iteration that could potentially lead to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39882",
"url": "https://www.suse.com/security/cve/CVE-2025-39882"
},
{
"category": "external",
"summary": "SUSE Bug 1250389 for CVE-2025-39882",
"url": "https://bugzilla.suse.com/1250389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39882"
},
{
"cve": "CVE-2025-39885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix recursive semaphore deadlock in fiemap call\n\nsyzbot detected a OCFS2 hang due to a recursive semaphore on a\nFS_IOC_FIEMAP of the extent list on a specially crafted mmap file.\n\ncontext_switch kernel/sched/core.c:5357 [inline]\n __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961\n __schedule_loop kernel/sched/core.c:7043 [inline]\n schedule+0x165/0x360 kernel/sched/core.c:7058\n schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7115\n rwsem_down_write_slowpath+0x872/0xfe0 kernel/locking/rwsem.c:1185\n __down_write_common kernel/locking/rwsem.c:1317 [inline]\n __down_write kernel/locking/rwsem.c:1326 [inline]\n down_write+0x1ab/0x1f0 kernel/locking/rwsem.c:1591\n ocfs2_page_mkwrite+0x2ff/0xc40 fs/ocfs2/mmap.c:142\n do_page_mkwrite+0x14d/0x310 mm/memory.c:3361\n wp_page_shared mm/memory.c:3762 [inline]\n do_wp_page+0x268d/0x5800 mm/memory.c:3981\n handle_pte_fault mm/memory.c:6068 [inline]\n __handle_mm_fault+0x1033/0x5440 mm/memory.c:6195\n handle_mm_fault+0x40a/0x8e0 mm/memory.c:6364\n do_user_addr_fault+0x764/0x1390 arch/x86/mm/fault.c:1387\n handle_page_fault arch/x86/mm/fault.c:1476 [inline]\n exc_page_fault+0x76/0xf0 arch/x86/mm/fault.c:1532\n asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623\nRIP: 0010:copy_user_generic arch/x86/include/asm/uaccess_64.h:126 [inline]\nRIP: 0010:raw_copy_to_user arch/x86/include/asm/uaccess_64.h:147 [inline]\nRIP: 0010:_inline_copy_to_user include/linux/uaccess.h:197 [inline]\nRIP: 0010:_copy_to_user+0x85/0xb0 lib/usercopy.c:26\nCode: e8 00 bc f7 fc 4d 39 fc 72 3d 4d 39 ec 77 38 e8 91 b9 f7 fc 4c 89\nf7 89 de e8 47 25 5b fd 0f 01 cb 4c 89 ff 48 89 d9 4c 89 f6 \u003cf3\u003e a4 0f\n1f 00 48 89 cb 0f 01 ca 48 89 d8 5b 41 5c 41 5d 41 5e 41\nRSP: 0018:ffffc9000403f950 EFLAGS: 00050256\nRAX: ffffffff84c7f101 RBX: 0000000000000038 RCX: 0000000000000038\nRDX: 0000000000000000 RSI: ffffc9000403f9e0 RDI: 0000200000000060\nRBP: ffffc9000403fa90 R08: ffffc9000403fa17 R09: 1ffff92000807f42\nR10: dffffc0000000000 R11: fffff52000807f43 R12: 0000200000000098\nR13: 00007ffffffff000 R14: ffffc9000403f9e0 R15: 0000200000000060\n copy_to_user include/linux/uaccess.h:225 [inline]\n fiemap_fill_next_extent+0x1c0/0x390 fs/ioctl.c:145\n ocfs2_fiemap+0x888/0xc90 fs/ocfs2/extent_map.c:806\n ioctl_fiemap fs/ioctl.c:220 [inline]\n do_vfs_ioctl+0x1173/0x1430 fs/ioctl.c:532\n __do_sys_ioctl fs/ioctl.c:596 [inline]\n __se_sys_ioctl+0x82/0x170 fs/ioctl.c:584\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f5f13850fd9\nRSP: 002b:00007ffe3b3518b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000200000000000 RCX: 00007f5f13850fd9\nRDX: 0000200000000040 RSI: 00000000c020660b RDI: 0000000000000004\nRBP: 6165627472616568 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe3b3518f0\nR13: 00007ffe3b351b18 R14: 431bde82d7b634db R15: 00007f5f1389a03b\n\nocfs2_fiemap() takes a read lock of the ip_alloc_sem semaphore (since\nv2.6.22-527-g7307de80510a) and calls fiemap_fill_next_extent() to read the\nextent list of this running mmap executable. The user supplied buffer to\nhold the fiemap information page faults calling ocfs2_page_mkwrite() which\nwill take a write lock (since v2.6.27-38-g00dc417fa3e7) of the same\nsemaphore. This recursive semaphore will hold filesystem locks and causes\na hang of the fileystem.\n\nThe ip_alloc_sem protects the inode extent list and size. Release the\nread semphore before calling fiemap_fill_next_extent() in ocfs2_fiemap()\nand ocfs2_fiemap_inline(). This does an unnecessary semaphore lock/unlock\non the last extent but simplifies the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39885",
"url": "https://www.suse.com/security/cve/CVE-2025-39885"
},
{
"category": "external",
"summary": "SUSE Bug 1250407 for CVE-2025-39885",
"url": "https://bugzilla.suse.com/1250407"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39885"
},
{
"cve": "CVE-2025-39889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: Check encryption key size on incoming connection\n\nThis is required for passing GAP/SEC/SEM/BI-04-C PTS test case:\n Security Mode 4 Level 4, Responder - Invalid Encryption Key Size\n - 128 bit\n\nThis tests the security key with size from 1 to 15 bytes while the\nSecurity Mode 4 Level 4 requests 16 bytes key size.\n\nCurrently PTS fails with the following logs:\n- expected:Connection Response:\n Code: [3 (0x03)] Code\n Identifier: (lt)WildCard: Exists(gt)\n Length: [8 (0x0008)]\n Destination CID: (lt)WildCard: Exists(gt)\n Source CID: [64 (0x0040)]\n Result: [3 (0x0003)] Connection refused - Security block\n Status: (lt)WildCard: Exists(gt),\nbut received:Connection Response:\n Code: [3 (0x03)] Code\n Identifier: [1 (0x01)]\n Length: [8 (0x0008)]\n Destination CID: [64 (0x0040)]\n Source CID: [64 (0x0040)]\n Result: [0 (0x0000)] Connection Successful\n Status: [0 (0x0000)] No further information available\n\nAnd HCI logs:\n\u003c HCI Command: Read Encrypti.. (0x05|0x0008) plen 2\n Handle: 14 Address: 00:1B:DC:F2:24:10 (Vencer Co., Ltd.)\n\u003e HCI Event: Command Complete (0x0e) plen 7\n Read Encryption Key Size (0x05|0x0008) ncmd 1\n Status: Success (0x00)\n Handle: 14 Address: 00:1B:DC:F2:24:10 (Vencer Co., Ltd.)\n Key size: 7\n\u003e ACL Data RX: Handle 14 flags 0x02 dlen 12\n L2CAP: Connection Request (0x02) ident 1 len 4\n PSM: 4097 (0x1001)\n Source CID: 64\n\u003c ACL Data TX: Handle 14 flags 0x00 dlen 16\n L2CAP: Connection Response (0x03) ident 1 len 8\n Destination CID: 64\n Source CID: 64\n Result: Connection successful (0x0000)\n Status: No further information available (0x0000)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39889",
"url": "https://www.suse.com/security/cve/CVE-2025-39889"
},
{
"category": "external",
"summary": "SUSE Bug 1249833 for CVE-2025-39889",
"url": "https://bugzilla.suse.com/1249833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39889"
},
{
"cve": "CVE-2025-39891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Initialize the chan_stats array to zero\n\nThe adapter-\u003echan_stats[] array is initialized in\nmwifiex_init_channel_scan_gap() with vmalloc(), which doesn\u0027t zero out\nmemory. The array is filled in mwifiex_update_chan_statistics()\nand then the user can query the data in mwifiex_cfg80211_dump_survey().\n\nThere are two potential issues here. What if the user calls\nmwifiex_cfg80211_dump_survey() before the data has been filled in.\nAlso the mwifiex_update_chan_statistics() function doesn\u0027t necessarily\ninitialize the whole array. Since the array was not initialized at\nthe start that could result in an information leak.\n\nAlso this array is pretty small. It\u0027s a maximum of 900 bytes so it\u0027s\nmore appropriate to use kcalloc() instead vmalloc().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39891",
"url": "https://www.suse.com/security/cve/CVE-2025-39891"
},
{
"category": "external",
"summary": "SUSE Bug 1250712 for CVE-2025-39891",
"url": "https://bugzilla.suse.com/1250712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39891"
},
{
"cve": "CVE-2025-39907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39907"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer\n\nAvoid below overlapping mappings by using a contiguous\nnon-cacheable buffer.\n\n[ 4.077708] DMA-API: stm32_fmc2_nfc 48810000.nand-controller: cacheline tracking EEXIST,\noverlapping mappings aren\u0027t supported\n[ 4.089103] WARNING: CPU: 1 PID: 44 at kernel/dma/debug.c:568 add_dma_entry+0x23c/0x300\n[ 4.097071] Modules linked in:\n[ 4.100101] CPU: 1 PID: 44 Comm: kworker/u4:2 Not tainted 6.1.82 #1\n[ 4.106346] Hardware name: STMicroelectronics STM32MP257F VALID1 SNOR / MB1704 (LPDDR4 Power discrete) + MB1703 + MB1708 (SNOR MB1730) (DT)\n[ 4.118824] Workqueue: events_unbound deferred_probe_work_func\n[ 4.124674] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.131624] pc : add_dma_entry+0x23c/0x300\n[ 4.135658] lr : add_dma_entry+0x23c/0x300\n[ 4.139792] sp : ffff800009dbb490\n[ 4.143016] x29: ffff800009dbb4a0 x28: 0000000004008022 x27: ffff8000098a6000\n[ 4.150174] x26: 0000000000000000 x25: ffff8000099e7000 x24: ffff8000099e7de8\n[ 4.157231] x23: 00000000ffffffff x22: 0000000000000000 x21: ffff8000098a6a20\n[ 4.164388] x20: ffff000080964180 x19: ffff800009819ba0 x18: 0000000000000006\n[ 4.171545] x17: 6361727420656e69 x16: 6c6568636163203a x15: 72656c6c6f72746e\n[ 4.178602] x14: 6f632d646e616e2e x13: ffff800009832f58 x12: 00000000000004ec\n[ 4.185759] x11: 00000000000001a4 x10: ffff80000988af58 x9 : ffff800009832f58\n[ 4.192916] x8 : 00000000ffffefff x7 : ffff80000988af58 x6 : 80000000fffff000\n[ 4.199972] x5 : 000000000000bff4 x4 : 0000000000000000 x3 : 0000000000000000\n[ 4.207128] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000812d2c40\n[ 4.214185] Call trace:\n[ 4.216605] add_dma_entry+0x23c/0x300\n[ 4.220338] debug_dma_map_sg+0x198/0x350\n[ 4.224373] __dma_map_sg_attrs+0xa0/0x110\n[ 4.228411] dma_map_sg_attrs+0x10/0x2c\n[ 4.232247] stm32_fmc2_nfc_xfer.isra.0+0x1c8/0x3fc\n[ 4.237088] stm32_fmc2_nfc_seq_read_page+0xc8/0x174\n[ 4.242127] nand_read_oob+0x1d4/0x8e0\n[ 4.245861] mtd_read_oob_std+0x58/0x84\n[ 4.249596] mtd_read_oob+0x90/0x150\n[ 4.253231] mtd_read+0x68/0xac",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39907",
"url": "https://www.suse.com/security/cve/CVE-2025-39907"
},
{
"category": "external",
"summary": "SUSE Bug 1250713 for CVE-2025-39907",
"url": "https://bugzilla.suse.com/1250713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39907"
},
{
"cve": "CVE-2025-39920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npcmcia: Add error handling for add_interval() in do_validate_mem()\n\nIn the do_validate_mem(), the call to add_interval() does not\nhandle errors. If kmalloc() fails in add_interval(), it could\nresult in a null pointer being inserted into the linked list,\nleading to illegal memory access when sub_interval() is called\nnext.\n\nThis patch adds an error handling for the add_interval(). If\nadd_interval() returns an error, the function will return early\nwith the error code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39920",
"url": "https://www.suse.com/security/cve/CVE-2025-39920"
},
{
"category": "external",
"summary": "SUSE Bug 1250732 for CVE-2025-39920",
"url": "https://bugzilla.suse.com/1250732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39920"
},
{
"cve": "CVE-2025-39923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees\n\nWhen we don\u0027t have a clock specified in the device tree, we have no way to\nensure the BAM is on. This is often the case for remotely-controlled or\nremotely-powered BAM instances. In this case, we need to read num-channels\nfrom the DT to have all the necessary information to complete probing.\n\nHowever, at the moment invalid device trees without clock and without\nnum-channels still continue probing, because the error handling is missing\nreturn statements. The driver will then later try to read the number of\nchannels from the registers. This is unsafe, because it relies on boot\nfirmware and lucky timing to succeed. Unfortunately, the lack of proper\nerror handling here has been abused for several Qualcomm SoCs upstream,\ncausing early boot crashes in several situations [1, 2].\n\nAvoid these early crashes by erroring out when any of the required DT\nproperties are missing. Note that this will break some of the existing DTs\nupstream (mainly BAM instances related to the crypto engine). However,\nclearly these DTs have never been tested properly, since the error in the\nkernel log was just ignored. It\u0027s safer to disable the crypto engine for\nthese broken DTBs.\n\n[1]: https://lore.kernel.org/r/CY01EKQVWE36.B9X5TDXAREPF@fairphone.com/\n[2]: https://lore.kernel.org/r/20230626145959.646747-1-krzysztof.kozlowski@linaro.org/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39923",
"url": "https://www.suse.com/security/cve/CVE-2025-39923"
},
{
"category": "external",
"summary": "SUSE Bug 1250741 for CVE-2025-39923",
"url": "https://bugzilla.suse.com/1250741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39923"
},
{
"cve": "CVE-2025-39925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: implement NETDEV_UNREGISTER notification handler\n\nsyzbot is reporting\n\n unregister_netdevice: waiting for vcan0 to become free. Usage count = 2\n\nproblem, for j1939 protocol did not have NETDEV_UNREGISTER notification\nhandler for undoing changes made by j1939_sk_bind().\n\nCommit 25fe97cb7620 (\"can: j1939: move j1939_priv_put() into sk_destruct\ncallback\") expects that a call to j1939_priv_put() can be unconditionally\ndelayed until j1939_sk_sock_destruct() is called. But we need to call\nj1939_priv_put() against an extra ref held by j1939_sk_bind() call\n(as a part of undoing changes made by j1939_sk_bind()) as soon as\nNETDEV_UNREGISTER notification fires (i.e. before j1939_sk_sock_destruct()\nis called via j1939_sk_release()). Otherwise, the extra ref on \"struct\nj1939_priv\" held by j1939_sk_bind() call prevents \"struct net_device\" from\ndropping the usage count to 1; making it impossible for\nunregister_netdevice() to continue.\n\n[mkl: remove space in front of label]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39925",
"url": "https://www.suse.com/security/cve/CVE-2025-39925"
},
{
"category": "external",
"summary": "SUSE Bug 1250736 for CVE-2025-39925",
"url": "https://bugzilla.suse.com/1250736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-39925"
},
{
"cve": "CVE-2025-40300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40300"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/vmscape: Add conditional IBPB mitigation\n\nVMSCAPE is a vulnerability that exploits insufficient branch predictor\nisolation between a guest and a userspace hypervisor (like QEMU). Existing\nmitigations already protect kernel/KVM from a malicious guest. Userspace\ncan additionally be protected by flushing the branch predictors after a\nVMexit.\n\nSince it is the userspace that consumes the poisoned branch predictors,\nconditionally issue an IBPB after a VMexit and before returning to\nuserspace. Workloads that frequently switch between hypervisor and\nuserspace will incur the most overhead from the new IBPB.\n\nThis new IBPB is not integrated with the existing IBPB sites. For\ninstance, a task can use the existing speculation control prctl() to\nget an IBPB at context switch time. With this implementation, the\nIBPB is doubled up: one at context switch and another before running\nuserspace.\n\nThe intent is to integrate and optimize these cases post-embargo.\n\n[ dhansen: elaborate on suboptimal IBPB solution ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40300",
"url": "https://www.suse.com/security/cve/CVE-2025-40300"
},
{
"category": "external",
"summary": "SUSE Bug 1249561 for CVE-2025-40300",
"url": "https://bugzilla.suse.com/1249561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.52.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.52.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.52.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-17T14:32:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-40300"
}
]
}
suse-su-2025:03290-1
Vulnerability from csaf_suse
Published
2025-09-22 12:34
Modified
2025-09-22 12:34
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: qcom: use drvdata instead of component to keep id (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes).
- Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- Fix 'drm/amdgpu: read back register after written for VCN v4.0.5' (bsc#1248370).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes).
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes).
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes).
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes).
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes).
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes).
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes).
- RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes).
- RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes).
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes).
- Revert 'gpio: mlxbf3: only get IRQ for device instance 0' (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes).
- amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes).
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes).
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes).
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes).
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes).
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes).
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes).
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes).
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes).
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes).
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes).
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes).
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes).
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708).
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120).
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- devlink: add value check to devlink_info_version_put() (bsc#1245410 jsc#PED-12320).
- devlink: let driver opt out of automatic phys_port_name generation (git-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Allow DCN301 to clear update flags (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Do not print errors for nonexistent connectors (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Initialize mode_select to 0 (stable-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes).
- drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes).
- drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes).
- drm/amd/pm: fix null pointer access (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu/swm14: Update power limit logic (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes).
- drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: fix vram reservation issue (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/bridge: fix OF node leak (git-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes).
- drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes).
- drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes).
- drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes).
- drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes).
- drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes).
- drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes).
- drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes).
- drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes).
- drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Add error handling for krealloc in metadata setup (stable-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: update the high bitfield of certain DSI registers (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/tests: Fix endian warning (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes).
- drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes).
- drm/xe/xe_sync: avoid race during ufence signaling (git-fixes).
- drm/xe: Do not trigger rebind on initial dma-buf validation (git-fixes).
- drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes).
- drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- ixgbe: add .info_get extension specific for E610 devices (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 functions for acquiring flash data (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 functions getting PBA and FW ver info (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 implementation of FW recovery mode (bsc#1245410 jsc#PED-12320).
- ixgbe: add FW API version check (bsc#1245410 jsc#PED-12320).
- ixgbe: add device flash update via devlink (bsc#1245410 jsc#PED-12320).
- ixgbe: add handler for devlink .info_get() (bsc#1245410 jsc#PED-12320).
- ixgbe: add initial devlink support (bsc#1245410 jsc#PED-12320).
- ixgbe: add support for FW rollback mode (bsc#1245410 jsc#PED-12320).
- ixgbe: add support for devlink reload (bsc#1245410 jsc#PED-12320).
- ixgbe: extend .info_get() with stored versions (bsc#1245410 jsc#PED-12320).
- ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410).
- ixgbe: prevent from unwanted interface name changes (git-fixes).
- ixgbe: read the OROM version information (bsc#1245410 jsc#PED-12320).
- ixgbe: read the netlist version information (bsc#1245410 jsc#PED-12320).
- ixgbe: wrap netdev_priv() usage (bsc#1245410 jsc#PED-12320).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- kselftest/runner.sh: add netns support.
- kselftests: Sort the collections list to avoid duplicate tests.
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- livepatch: Add 'replace' sysfs attribute (poo#187320).
- livepatch: Add stack_order sysfs attribute (poo#187320).
- livepatch: Replace snprintf() with sysfs_emit() (poo#187320).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (git-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- Revert 'scsi: iscsi: Fix HW conn removal use after free' (git-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE.
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/livepatch: Add selftests for 'replace' sysfs attribute.
- selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320).
- selftests/livepatch: Replace hardcoded module name.
- selftests/livepatch: define max test-syscall processes.
- selftests/livepatch: fix and refactor new dmesg message code.
- selftests/livepatch: wait for atomic replace to occur.
- selftests/run_kselftest.sh: Fix help string for --per-test-log.
- selftests/run_kselftest.sh: Use readlink if realpath is not available.
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: allow runners to override the timeout.
- selftests: livepatch: Avoid running the tests for certain kernel-devel situations.
- selftests: livepatch: Test atomic replace against multiple modules.
- selftests: livepatch: Test livepatching a heavily called syscall.
- selftests: livepatch: add new ftrace helpers functions.
- selftests: livepatch: add test cases of stack_order sysfs interface.
- selftests: livepatch: handle PRINTK_CALLER in check_result().
- selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR.
- selftests: livepatch: save and restore kprobe state.
- selftests: livepatch: test if ftrace can trace a livepatched function.
- selftests: livepatch: test livepatching a kprobed function.
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- serial: core: fix OF node leak (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: avoid weird state in error path (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: do not unreserve never reserved chanctx (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-2025-3290,SUSE-SLE-Module-Basesystem-15-SP7-2025-3290,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3290,SUSE-SLE-Module-Legacy-15-SP7-2025-3290,SUSE-SLE-Module-Live-Patching-15-SP7-2025-3290,SUSE-SLE-Product-HA-15-SP7-2025-3290,SUSE-SLE-Product-WE-15-SP7-2025-3290
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).\n- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable (bsc#1242960).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: qcom: use drvdata instead of component to keep id (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes).\n- Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- Fix \u0027drm/amdgpu: read back register after written for VCN v4.0.5\u0027 (bsc#1248370).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes).\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes).\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes).\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes).\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes).\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes).\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes).\n- RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes).\n- RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes).\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes).\n- Revert \u0027gpio: mlxbf3: only get IRQ for device instance 0\u0027 (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes).\n- amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes).\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes).\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes).\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes).\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes).\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes).\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes).\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes).\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes).\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes).\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes).\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes).\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes).\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708).\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120).\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- devlink: add value check to devlink_info_version_put() (bsc#1245410 jsc#PED-12320).\n- devlink: let driver opt out of automatic phys_port_name generation (git-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Allow DCN301 to clear update flags (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Do not print errors for nonexistent connectors (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Initialize mode_select to 0 (stable-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes).\n- drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes).\n- drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes).\n- drm/amd/pm: fix null pointer access (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu/swm14: Update power limit logic (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes).\n- drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: fix vram reservation issue (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/bridge: fix OF node leak (git-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes).\n- drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes).\n- drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes).\n- drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes).\n- drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes).\n- drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes).\n- drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes).\n- drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes).\n- drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes).\n- drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Add error handling for krealloc in metadata setup (stable-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: update the high bitfield of certain DSI registers (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/tests: Fix endian warning (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes).\n- drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes).\n- drm/xe/xe_sync: avoid race during ufence signaling (git-fixes).\n- drm/xe: Do not trigger rebind on initial dma-buf validation (git-fixes).\n- drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes).\n- drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- ixgbe: add .info_get extension specific for E610 devices (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 functions for acquiring flash data (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 functions getting PBA and FW ver info (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 implementation of FW recovery mode (bsc#1245410 jsc#PED-12320).\n- ixgbe: add FW API version check (bsc#1245410 jsc#PED-12320).\n- ixgbe: add device flash update via devlink (bsc#1245410 jsc#PED-12320).\n- ixgbe: add handler for devlink .info_get() (bsc#1245410 jsc#PED-12320).\n- ixgbe: add initial devlink support (bsc#1245410 jsc#PED-12320).\n- ixgbe: add support for FW rollback mode (bsc#1245410 jsc#PED-12320).\n- ixgbe: add support for devlink reload (bsc#1245410 jsc#PED-12320).\n- ixgbe: extend .info_get() with stored versions (bsc#1245410 jsc#PED-12320).\n- ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410).\n- ixgbe: prevent from unwanted interface name changes (git-fixes).\n- ixgbe: read the OROM version information (bsc#1245410 jsc#PED-12320).\n- ixgbe: read the netlist version information (bsc#1245410 jsc#PED-12320).\n- ixgbe: wrap netdev_priv() usage (bsc#1245410 jsc#PED-12320).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- kselftest/runner.sh: add netns support.\n- kselftests: Sort the collections list to avoid duplicate tests.\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- livepatch: Add \u0027replace\u0027 sysfs attribute (poo#187320).\n- livepatch: Add stack_order sysfs attribute (poo#187320).\n- livepatch: Replace snprintf() with sysfs_emit() (poo#187320).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL (git-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- Revert \u0027scsi: iscsi: Fix HW conn removal use after free\u0027 (git-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE.\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/livepatch: Add selftests for \u0027replace\u0027 sysfs attribute.\n- selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320).\n- selftests/livepatch: Replace hardcoded module name.\n- selftests/livepatch: define max test-syscall processes.\n- selftests/livepatch: fix and refactor new dmesg message code.\n- selftests/livepatch: wait for atomic replace to occur.\n- selftests/run_kselftest.sh: Fix help string for --per-test-log.\n- selftests/run_kselftest.sh: Use readlink if realpath is not available.\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: allow runners to override the timeout.\n- selftests: livepatch: Avoid running the tests for certain kernel-devel situations.\n- selftests: livepatch: Test atomic replace against multiple modules.\n- selftests: livepatch: Test livepatching a heavily called syscall.\n- selftests: livepatch: add new ftrace helpers functions.\n- selftests: livepatch: add test cases of stack_order sysfs interface.\n- selftests: livepatch: handle PRINTK_CALLER in check_result().\n- selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR.\n- selftests: livepatch: save and restore kprobe state.\n- selftests: livepatch: test if ftrace can trace a livepatched function.\n- selftests: livepatch: test livepatching a kprobed function.\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- serial: core: fix OF node leak (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: avoid weird state in error path (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: do not unreserve never reserved chanctx (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3290,SUSE-SLE-Module-Basesystem-15-SP7-2025-3290,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3290,SUSE-SLE-Module-Legacy-15-SP7-2025-3290,SUSE-SLE-Module-Live-Patching-15-SP7-2025-3290,SUSE-SLE-Product-HA-15-SP7-2025-3290,SUSE-SLE-Product-WE-15-SP7-2025-3290",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03290-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03290-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503290-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03290-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041793.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1170284",
"url": "https://bugzilla.suse.com/1170284"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1232089",
"url": "https://bugzilla.suse.com/1232089"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1241353",
"url": "https://bugzilla.suse.com/1241353"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245410",
"url": "https://bugzilla.suse.com/1245410"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247290",
"url": "https://bugzilla.suse.com/1247290"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248175",
"url": "https://bugzilla.suse.com/1248175"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248232",
"url": "https://bugzilla.suse.com/1248232"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248334",
"url": "https://bugzilla.suse.com/1248334"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248370",
"url": "https://bugzilla.suse.com/1248370"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248647",
"url": "https://bugzilla.suse.com/1248647"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE Bug 1249346",
"url": "https://bugzilla.suse.com/1249346"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38440 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38511 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38521 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-22T12:34:19Z",
"generator": {
"date": "2025-09-22T12:34:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03290-1",
"initial_release_date": "2025-09-22T12:34:19Z",
"revision_history": [
{
"date": "2025-09-22T12:34:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-altera-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-amd-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-apm-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-apple-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-arm-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-lg-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150700.53.16.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-64kb-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-default-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"product_id": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-default-extra-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-default-optional-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.16.1.aarch64",
"product_id": "kernel-syms-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.16.1.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150700.53.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150700.53.16.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-150700.53.16.1.noarch",
"product_id": "kernel-devel-6.4.0-150700.53.16.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150700.53.16.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150700.53.16.1.noarch",
"product_id": "kernel-docs-6.4.0-150700.53.16.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150700.53.16.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150700.53.16.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150700.53.16.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150700.53.16.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-150700.53.16.1.noarch",
"product_id": "kernel-macros-6.4.0-150700.53.16.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150700.53.16.1.noarch",
"product": {
"name": "kernel-source-6.4.0-150700.53.16.1.noarch",
"product_id": "kernel-source-6.4.0-150700.53.16.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150700.53.16.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150700.53.16.1.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150700.53.16.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-default-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"product_id": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"product_id": "dlm-kmp-default-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-default-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-default-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-default-devel-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-default-extra-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-default-optional-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"product_id": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-syms-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-default-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"product_id": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.16.1.150700.17.11.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-default-optional-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.16.1.x86_64",
"product_id": "kernel-syms-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150700.53.16.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150700.53.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150700.53.16.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150700.53.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150700.53.16.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150700.53.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150700.53.16.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150700.53.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150700.53.16.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150700.53.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-49996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix buffer overflow when parsing NFS reparse points\n\nReparseDataLength is sum of the InodeType size and DataBuffer size.\nSo to get DataBuffer size it is needed to subtract InodeType\u0027s size from\nReparseDataLength.\n\nFunction cifs_strndup_from_utf16() is currentlly accessing buf-\u003eDataBuffer\nat position after the end of the buffer because it does not subtract\nInodeType size from the length. Fix this problem and correctly subtract\nvariable len.\n\nMember InodeType is present only when reparse buffer is large enough. Check\nfor ReparseDataLength before accessing InodeType to prevent another invalid\nmemory access.\n\nMajor and minor rdev values are present also only when reparse buffer is\nlarge enough. Check for reparse buffer size before calling reparse_mkdev().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49996",
"url": "https://www.suse.com/security/cve/CVE-2024-49996"
},
{
"category": "external",
"summary": "SUSE Bug 1232089 for CVE-2024-49996",
"url": "https://bugzilla.suse.com/1232089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-49996"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38440"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix race between DIM disable and net_dim()\n\nThere\u0027s a race between disabling DIM and NAPI callbacks using the dim\npointer on the RQ or SQ.\n\nIf NAPI checks the DIM state bit and sees it still set, it assumes\n`rq-\u003edim` or `sq-\u003edim` is valid. But if DIM gets disabled right after\nthat check, the pointer might already be set to NULL, leading to a NULL\npointer dereference in net_dim().\n\nFix this by calling `synchronize_net()` before freeing the DIM context.\nThis ensures all in-progress NAPI callbacks are finished before the\npointer is cleared.\n\nKernel log:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:net_dim+0x23/0x190\n...\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? common_interrupt+0xf/0xa0\n ? sysvec_call_function_single+0xb/0x90\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? net_dim+0x23/0x190\n ? mlx5e_poll_ico_cq+0x41/0x6f0 [mlx5_core]\n ? sysvec_apic_timer_interrupt+0xb/0x90\n mlx5e_handle_rx_dim+0x92/0xd0 [mlx5_core]\n mlx5e_napi_poll+0x2cd/0xac0 [mlx5_core]\n ? mlx5e_poll_ico_cq+0xe5/0x6f0 [mlx5_core]\n busy_poll_stop+0xa2/0x200\n ? mlx5e_napi_poll+0x1d9/0xac0 [mlx5_core]\n ? mlx5e_trigger_irq+0x130/0x130 [mlx5_core]\n __napi_busy_loop+0x345/0x3b0\n ? sysvec_call_function_single+0xb/0x90\n ? asm_sysvec_call_function_single+0x16/0x20\n ? sysvec_apic_timer_interrupt+0xb/0x90\n ? pcpu_free_area+0x1e4/0x2e0\n napi_busy_loop+0x11/0x20\n xsk_recvmsg+0x10c/0x130\n sock_recvmsg+0x44/0x70\n __sys_recvfrom+0xbc/0x130\n ? __schedule+0x398/0x890\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n...\n---[ end trace 0000000000000000 ]---\n...\n---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38440",
"url": "https://www.suse.com/security/cve/CVE-2025-38440"
},
{
"category": "external",
"summary": "SUSE Bug 1247290 for CVE-2025-38440",
"url": "https://bugzilla.suse.com/1247290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38440"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/pf: Clear all LMTT pages on alloc\n\nOur LMEM buffer objects are not cleared by default on alloc\nand during VF provisioning we only setup LMTT PTEs for the\nactually provisioned LMEM range. But beyond that valid range\nwe might leave some stale data that could either point to some\nother VFs allocations or even to the PF pages.\n\nExplicitly clear all new LMTT page to avoid the risk that a\nmalicious VF would try to exploit that gap.\n\nWhile around add asserts to catch any undesired PTE overwrites\nand low-level debug traces to track LMTT PT life-cycle.\n\n(cherry picked from commit 3fae6918a3e27cce20ded2551f863fb05d4bef8d)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38511",
"url": "https://www.suse.com/security/cve/CVE-2025-38511"
},
{
"category": "external",
"summary": "SUSE Bug 1248175 for CVE-2025-38511",
"url": "https://bugzilla.suse.com/1248175"
},
{
"category": "external",
"summary": "SUSE Bug 1248176 for CVE-2025-38511",
"url": "https://bugzilla.suse.com/1248176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38511"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: Fix kernel crash when hard resetting the GPU\n\nThe GPU hard reset sequence calls pm_runtime_force_suspend() and\npm_runtime_force_resume(), which according to their documentation should\nonly be used during system-wide PM transitions to sleep states.\n\nThe main issue though is that depending on some internal runtime PM\nstate as seen by pm_runtime_force_suspend() (whether the usage count is\n\u003c= 1), pm_runtime_force_resume() might not resume the device unless\nneeded. If that happens, the runtime PM resume callback\npvr_power_device_resume() is not called, the GPU clocks are not\nre-enabled, and the kernel crashes on the next attempt to access GPU\nregisters as part of the power-on sequence.\n\nReplace calls to pm_runtime_force_suspend() and\npm_runtime_force_resume() with direct calls to the driver\u0027s runtime PM\ncallbacks, pvr_power_device_suspend() and pvr_power_device_resume(),\nto ensure clocks are re-enabled and avoid the kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38521",
"url": "https://www.suse.com/security/cve/CVE-2025-38521"
},
{
"category": "external",
"summary": "SUSE Bug 1248232 for CVE-2025-38521",
"url": "https://bugzilla.suse.com/1248232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38521"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()\n\nIn ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to\nretrieve the ab pointer. In vdev delete sequence the arvif-\u003ear could\nbecome NULL and that would trigger kernel panic.\nSince the caller ath12k_dp_tx() already has a valid ab pointer, pass it\ndirectly to avoid panic and unnecessary dereferencing.\n\nPC points to \"ath12k_dp_tx+0x228/0x988 [ath12k]\"\nLR points to \"ath12k_dp_tx+0xc8/0x988 [ath12k]\".\nThe Backtrace obtained is as follows:\nath12k_dp_tx+0x228/0x988 [ath12k]\nath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k]\nieee80211_process_measurement_req+0x320/0x348 [mac80211]\nieee80211_tx_dequeue+0x9ac/0x1518 [mac80211]\nieee80211_tx_dequeue+0xb14/0x1518 [mac80211]\nieee80211_tx_prepare_skb+0x224/0x254 [mac80211]\nieee80211_xmit+0xec/0x100 [mac80211]\n__ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211]\nieee80211_subif_start_xmit+0x2e8/0x308 [mac80211]\nnetdev_start_xmit+0x150/0x18c\ndev_hard_start_xmit+0x74/0xc0\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38605",
"url": "https://www.suse.com/security/cve/CVE-2025-38605"
},
{
"category": "external",
"summary": "SUSE Bug 1248334 for CVE-2025-38605",
"url": "https://bugzilla.suse.com/1248334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38605"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: fix NULL dereference on unbind due to stale coupling data\n\nFailing to reset coupling_desc.n_coupled after freeing coupled_rdevs can\nlead to NULL pointer dereference when regulators are accessed post-unbind.\n\nThis can happen during runtime PM or other regulator operations that rely\non coupling metadata.\n\nFor example, on ridesx4, unbinding the \u0027reg-dummy\u0027 platform device triggers\na panic in regulator_lock_recursive() due to stale coupling state.\n\nEnsure n_coupled is set to 0 to prevent access to invalid pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38668",
"url": "https://www.suse.com/security/cve/CVE-2025-38668"
},
{
"category": "external",
"summary": "SUSE Bug 1248647 for CVE-2025-38668",
"url": "https://bugzilla.suse.com/1248647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38668"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_16-default-1-150700.15.3.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.16.1.150700.17.11.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.16.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.16.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-22T12:34:19Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
suse-su-2025:03382-1
Vulnerability from csaf_suse
Published
2025-09-26 17:27
Modified
2025-09-26 17:27
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
- CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).
- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).
- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
The following non-security bugs were fixed:
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
- ACPI: pfr_update: Fix the driver update version check (git-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: hda: Handle the jack polling always via a work (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
- ASoC: qcom: use drvdata instead of component to keep id (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
- ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes).
- Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
- Fix OOB array access in 'drm/amdgpu: read back register after written for VCN v4.0.5' (bsc#1248370).
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes).
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes).
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes).
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes).
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes).
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes).
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes).
- RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes).
- RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes).
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes).
- Revert 'gpio: mlxbf3: only get IRQ for device instance 0' (git-fixes).
- Revert 'scsi: iscsi: Fix HW conn removal use after free' (git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
- accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes).
- amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes).
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes).
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes).
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes).
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes).
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes).
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes).
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes).
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes).
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes).
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes).
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes).
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes).
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes).
- ata: libata-scsi: Fix CDL control (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- bpf: fix kfunc btf caching for modules (git-fixes).
- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
- btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- btrfs: retry block group reclaim without infinite loop (git-fixes).
- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120).
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
- devlink: add value check to devlink_info_version_put() (bsc#1245410 jsc#PED-12320).
- devlink: let driver opt out of automatic phys_port_name generation (git-fixes).
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
- drm/amd/display: Allow DCN301 to clear update flags (git-fixes).
- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
- drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes).
- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Do not print errors for nonexistent connectors (git-fixes).
- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
- drm/amd/display: Initialize mode_select to 0 (stable-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
- drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes).
- drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes).
- drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes).
- drm/amd/pm: fix null pointer access (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
- drm/amd: Restore cached power limit during resume (stable-fixes).
- drm/amdgpu/swm14: Update power limit logic (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes).
- drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes).
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
- drm/amdgpu: fix vram reservation issue (git-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
- drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
- drm/bridge: fix OF node leak (git-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
- drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
- drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes).
- drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes).
- drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes).
- drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes).
- drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes).
- drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes).
- drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes).
- drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes).
- drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes).
- drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Add error handling for krealloc in metadata setup (stable-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/msm: update the high bitfield of certain DSI registers (git-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/tests: Fix endian warning (git-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes).
- drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes).
- drm/xe/xe_sync: avoid race during ufence signaling (git-fixes).
- drm/xe: Do not trigger rebind on initial dma-buf validation (git-fixes).
- drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes).
- drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- exfat: add cluster chain loop check for dir (git-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- ixgbe: add .info_get extension specific for E610 devices (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 functions for acquiring flash data (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 functions getting PBA and FW ver info (bsc#1245410 jsc#PED-12320).
- ixgbe: add E610 implementation of FW recovery mode (bsc#1245410 jsc#PED-12320).
- ixgbe: add FW API version check (bsc#1245410 jsc#PED-12320).
- ixgbe: add device flash update via devlink (bsc#1245410 jsc#PED-12320).
- ixgbe: add handler for devlink .info_get() (bsc#1245410 jsc#PED-12320).
- ixgbe: add initial devlink support (bsc#1245410 jsc#PED-12320).
- ixgbe: add support for FW rollback mode (bsc#1245410 jsc#PED-12320).
- ixgbe: add support for devlink reload (bsc#1245410 jsc#PED-12320).
- ixgbe: extend .info_get() with stored versions (bsc#1245410 jsc#PED-12320).
- ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410).
- ixgbe: prevent from unwanted interface name changes (git-fixes).
- ixgbe: read the OROM version information (bsc#1245410 jsc#PED-12320).
- ixgbe: read the netlist version information (bsc#1245410 jsc#PED-12320).
- ixgbe: wrap netdev_priv() usage (bsc#1245410 jsc#PED-12320).
- jfs: Regular file corruption check (git-fixes).
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
- kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes).
- kernel-binary: Another installation ordering fix (bsc#1241353).
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
- kselftest/runner.sh: add netns support.
- kselftests: Sort the collections list to avoid duplicate tests.
- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
- livepatch: Add 'replace' sysfs attribute (poo#187320).
- livepatch: Add stack_order sysfs attribute (poo#187320).
- livepatch: Move tests from lib/livepatch to selftests/livepatch.
- livepatch: Replace snprintf() with sysfs_emit() (poo#187320).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- md: make rdev_addable usable for rcu mode (git-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
- media: tc358743: Check I2C succeeded during probe (stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
- media: usb: hdpvr: disable zero-length read messages (stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
- memstick: Fix deadlock by moving removing flag earlier (git-fixes).
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes).
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
- most: core: Drop device reference after usage in get_channel() (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
- platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (git-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
- platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
- rpm/config.sh: Udate OBS repositories
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
- selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE.
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
- selftests/livepatch: Add selftests for 'replace' sysfs attribute.
- selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320).
- selftests/livepatch: Replace hardcoded module name.
- selftests/livepatch: define max test-syscall processes.
- selftests/livepatch: fix and refactor new dmesg message code.
- selftests/livepatch: wait for atomic replace to occur.
- selftests/run_kselftest.sh: Fix help string for --per-test-log.
- selftests/run_kselftest.sh: Use readlink if realpath is not available.
- selftests/tracing: Fix false failure of subsystem event test (git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
- selftests: allow runners to override the timeout.
- selftests: livepatch: Add initial .gitignore.
- selftests: livepatch: Avoid running the tests in certain kernel-devel situations.
- selftests: livepatch: Test atomic replace against multiple modules.
- selftests: livepatch: Test livepatching a heavily called syscall.
- selftests: livepatch: add new ftrace helpers functions.
- selftests: livepatch: add test cases of stack_order sysfs interface.
- selftests: livepatch: handle PRINTK_CALLER in check_result().
- selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR.
- selftests: livepatch: save and restore kprobe state.
- selftests: livepatch: test if ftrace can trace a livepatched function.
- selftests: livepatch: test livepatching a kprobed function.
- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- serial: core: fix OF node leak (git-fixes).
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
- soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes).
- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
- wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
- wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
- wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: mac80211: avoid weird state in error path (stable-fixes).
- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
- wifi: mac80211: do not unreserve never reserved chanctx (stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
Patchnames
SUSE-2025-3382,SUSE-SLE-Module-Live-Patching-15-SP7-2025-3382,SUSE-SLE-Module-RT-15-SP7-2025-3382
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).\n- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).\n- CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).\n- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).\n- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).\n- CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).\n- CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).\n- CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).\n- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).\n- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).\n- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).\n- CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).\n- CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).\n- CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).\n- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).\n- CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).\n- CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).\n- CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).\n- CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).\n- CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).\n- CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).\n- CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).\n- CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).\n- CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).\n- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).\n- CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).\n- CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).\n- CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).\n- CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).\n- CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).\n- CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).\n- CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).\n- CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).\n- CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).\n- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).\n- CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).\n- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).\n- CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).\n- CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).\n- CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).\n- ACPI: pfr_update: Fix the driver update version check (git-fixes).\n- ACPI: processor: fix acpi_object initialization (stable-fixes).\n- ACPI: processor: perflib: Move problematic pr-\u003eperformance check (git-fixes).\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).\n- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).\n- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).\n- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).\n- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).\n- ALSA: hda: Disable jack polling at shutdown (stable-fixes).\n- ALSA: hda: Handle the jack polling always via a work (stable-fixes).\n- ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).\n- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).\n- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).\n- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).\n- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).\n- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).\n- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).\n- ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).\n- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).\n- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes).\n- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).\n- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).\n- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).\n- ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).\n- ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).\n- ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes).\n- ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).\n- ASoC: qcom: use drvdata instead of component to keep id (stable-fixes).\n- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).\n- ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes).\n- Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes).\n- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).\n- Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).\n- Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes).\n- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).\n- Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).\n- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).\n- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).\n- Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).\n- Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).\n- Fix OOB array access in \u0027drm/amdgpu: read back register after written for VCN v4.0.5\u0027 (bsc#1248370).\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).\n- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).\n- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).\n- PCI: Add ACS quirk for Loongson PCIe (git-fixes).\n- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).\n- PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).\n- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).\n- PCI: imx6: Delay link start until configfs \u0027start\u0027 written (git-fixes).\n- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).\n- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).\n- PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).\n- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).\n- PCI: rockchip: Use standard PCIe definitions (git-fixes).\n- PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).\n- PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).\n- PM: sleep: console: Fix the black screen issue (stable-fixes).\n- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).\n- RAS/AMD/FMPM: Get masked address (bsc#1242034).\n- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).\n- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes).\n- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes).\n- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes).\n- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes).\n- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes).\n- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes).\n- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes).\n- RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes).\n- RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes).\n- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes).\n- Revert \u0027gpio: mlxbf3: only get IRQ for device instance 0\u0027 (git-fixes).\n- Revert \u0027scsi: iscsi: Fix HW conn removal use after free\u0027 (git-fixes).\n- USB: serial: option: add Foxconn T99W709 (stable-fixes).\n- USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).\n- USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).\n- accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes).\n- amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes).\n- aoe: defer rexmit timer downdev work to workqueue (git-fixes).\n- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).\n- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes).\n- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes).\n- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes).\n- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes).\n- arm64: Filter out SME hwcaps when FEAT_SME isn\u0027t implemented (git-fixes).\n- arm64: Restrict pagetable teardown to avoid false warning (git-fixes).\n- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes).\n- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes).\n- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes).\n- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes).\n- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes).\n- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes).\n- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes).\n- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes).\n- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes).\n- ata: libata-scsi: Fix CDL control (git-fixes).\n- block: fix kobject leak in blk_unregister_queue (git-fixes).\n- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).\n- bpf: fix kfunc btf caching for modules (git-fixes).\n- bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).\n- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).\n- btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).\n- btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).\n- btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).\n- btrfs: fix data race when accessing the inode\u0027s disk_i_size at btrfs_drop_extents() (git-fixes).\n- btrfs: fix the length of reserved qgroup to free (bsc#1240708)\n- btrfs: retry block group reclaim without infinite loop (git-fixes).\n- btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120).\n- btrfs: run delayed iputs when flushing delalloc (git-fixes).\n- btrfs: update target inode\u0027s ctime on unlink (git-fixes).\n- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).\n- char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).\n- comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).\n- comedi: Make insn_rw_emulate_bits() do insn-\u003en samples (git-fixes).\n- comedi: fix race between polling and detaching (git-fixes).\n- comedi: pcl726: Prevent invalid irq number (git-fixes).\n- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).\n- crypto: jitter - fix intermediary handling (stable-fixes).\n- crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).\n- crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).\n- devlink: add value check to devlink_info_version_put() (bsc#1245410 jsc#PED-12320).\n- devlink: let driver opt out of automatic phys_port_name generation (git-fixes).\n- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).\n- drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).\n- drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).\n- drm/amd/display: Allow DCN301 to clear update flags (git-fixes).\n- drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).\n- drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).\n- drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).\n- drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes).\n- drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).\n- drm/amd/display: Do not print errors for nonexistent connectors (git-fixes).\n- drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).\n- drm/amd/display: Fix \u0027failed to blank crtc!\u0027 (stable-fixes).\n- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).\n- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes).\n- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).\n- drm/amd/display: Initialize mode_select to 0 (stable-fixes).\n- drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).\n- drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).\n- drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes).\n- drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes).\n- drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes).\n- drm/amd/pm: fix null pointer access (stable-fixes).\n- drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).\n- drm/amd: Restore cached power limit during resume (stable-fixes).\n- drm/amdgpu/swm14: Update power limit logic (stable-fixes).\n- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).\n- drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes).\n- drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes).\n- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).\n- drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).\n- drm/amdgpu: fix vram reservation issue (git-fixes).\n- drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).\n- drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes).\n- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).\n- drm/bridge: fix OF node leak (git-fixes).\n- drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).\n- drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes).\n- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).\n- drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes).\n- drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes).\n- drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes).\n- drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes).\n- drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes).\n- drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes).\n- drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes).\n- drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes).\n- drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes).\n- drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes).\n- drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).\n- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).\n- drm/msm: Add error handling for krealloc in metadata setup (stable-fixes).\n- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).\n- drm/msm: update the high bitfield of certain DSI registers (git-fixes).\n- drm/msm: use trylock for debugfs (stable-fixes).\n- drm/nouveau/disp: Always accept linear modifier (git-fixes).\n- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).\n- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).\n- drm/nouveau: fix typos in comments (git-fixes).\n- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).\n- drm/nouveau: remove unused memory target test (git-fixes).\n- drm/tests: Fix endian warning (git-fixes).\n- drm/ttm: Respect the shrinker core free target (stable-fixes).\n- drm/ttm: Should to return the evict error (stable-fixes).\n- drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes).\n- drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes).\n- drm/xe/xe_sync: avoid race during ufence signaling (git-fixes).\n- drm/xe: Do not trigger rebind on initial dma-buf validation (git-fixes).\n- drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes).\n- drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes).\n- et131x: Add missing check after DMA map (stable-fixes).\n- exfat: add cluster chain loop check for dir (git-fixes).\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).\n- fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).\n- fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)\n- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).\n- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).\n- gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).\n- gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).\n- hfs: fix not erasing deleted b-tree node issue (git-fixes).\n- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).\n- hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).\n- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).\n- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).\n- hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).\n- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).\n- i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).\n- i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).\n- ice, irdma: fix an off by one in error handling code (bsc#1247712).\n- ice, irdma: move interrupts code to irdma (bsc#1247712).\n- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).\n- ice: count combined queues using Rx/Tx count (bsc#1247712).\n- ice: devlink PF MSI-X max and min parameter (bsc#1247712).\n- ice: enable_rdma devlink param (bsc#1247712).\n- ice: get rid of num_lan_msix field (bsc#1247712).\n- ice: init flow director before RDMA (bsc#1247712).\n- ice: remove splitting MSI-X between features (bsc#1247712).\n- ice: simplify VF MSI-X managing (bsc#1247712).\n- ice: treat dyn_allowed only as suggestion (bsc#1247712).\n- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).\n- iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).\n- iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).\n- iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).\n- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).\n- iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).\n- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).\n- iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).\n- ipmi: Fix strcpy source and destination the same (stable-fixes).\n- ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).\n- irdma: free iwdev-\u003erf after removing MSI-X (bsc#1247712).\n- ixgbe: add .info_get extension specific for E610 devices (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 functions for acquiring flash data (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 functions getting PBA and FW ver info (bsc#1245410 jsc#PED-12320).\n- ixgbe: add E610 implementation of FW recovery mode (bsc#1245410 jsc#PED-12320).\n- ixgbe: add FW API version check (bsc#1245410 jsc#PED-12320).\n- ixgbe: add device flash update via devlink (bsc#1245410 jsc#PED-12320).\n- ixgbe: add handler for devlink .info_get() (bsc#1245410 jsc#PED-12320).\n- ixgbe: add initial devlink support (bsc#1245410 jsc#PED-12320).\n- ixgbe: add support for FW rollback mode (bsc#1245410 jsc#PED-12320).\n- ixgbe: add support for devlink reload (bsc#1245410 jsc#PED-12320).\n- ixgbe: extend .info_get() with stored versions (bsc#1245410 jsc#PED-12320).\n- ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410).\n- ixgbe: prevent from unwanted interface name changes (git-fixes).\n- ixgbe: read the OROM version information (bsc#1245410 jsc#PED-12320).\n- ixgbe: read the netlist version information (bsc#1245410 jsc#PED-12320).\n- ixgbe: wrap netdev_priv() usage (bsc#1245410 jsc#PED-12320).\n- jfs: Regular file corruption check (git-fixes).\n- jfs: truncate good inode pages when hard link is 0 (git-fixes).\n- jfs: upper bound check of tree index in dbAllocAG (git-fixes).\n- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).\n- kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes).\n- kernel-binary: Another installation ordering fix (bsc#1241353).\n- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346).\n- kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).\n- kselftest/runner.sh: add netns support.\n- kselftests: Sort the collections list to avoid duplicate tests.\n- leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).\n- livepatch: Add \u0027replace\u0027 sysfs attribute (poo#187320).\n- livepatch: Add stack_order sysfs attribute (poo#187320).\n- livepatch: Move tests from lib/livepatch to selftests/livepatch.\n- livepatch: Replace snprintf() with sysfs_emit() (poo#187320).\n- loop: use kiocb helpers to fix lockdep warning (git-fixes).\n- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).\n- md/md-cluster: handle REMOVE message earlier (bsc#1247057).\n- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).\n- md: allow removing faulty rdev during resync (git-fixes).\n- md: make rdev_addable usable for rcu mode (git-fixes).\n- media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).\n- media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).\n- media: tc358743: Check I2C succeeded during probe (stable-fixes).\n- media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).\n- media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).\n- media: usb: hdpvr: disable zero-length read messages (stable-fixes).\n- media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).\n- media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).\n- mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).\n- memstick: Fix deadlock by moving removing flag earlier (git-fixes).\n- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes).\n- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).\n- mmc: sdhci-msm: Ensure SD card power isn\u0027t ON when card removed (stable-fixes).\n- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).\n- most: core: Drop device reference after usage in get_channel() (git-fixes).\n- mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).\n- mptcp: reset when MPTCP opts are dropped after join (git-fixes).\n- net: phy: micrel: Add ksz9131_resume() (stable-fixes).\n- net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).\n- net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).\n- net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).\n- net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).\n- net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).\n- pNFS: Fix disk addr range check in block/scsi layout (git-fixes).\n- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).\n- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).\n- pNFS: Handle RPC size limit for layoutcommits (git-fixes).\n- phy: mscc: Fix parsing of unicast frames (git-fixes).\n- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).\n- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).\n- pinctrl: stm32: Manage irq affinity settings (stable-fixes).\n- platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).\n- platform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL (git-fixes).\n- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).\n- platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes).\n- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).\n- power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).\n- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).\n- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).\n- powerpc/eeh: Rely on dev-\u003elink_active_reporting (bsc#1215199).\n- powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).\n- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).\n- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).\n- powerpc: do not build ppc_save_regs.o always (bsc#1215199).\n- pwm: mediatek: Fix duty and period setting (git-fixes).\n- pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).\n- reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).\n- rpm/config.sh: Udate OBS repositories\n- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).\n- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).\n- samples/bpf: Fix compilation errors with cf-protection option (git-fixes).\n- scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).\n- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).\n- scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).\n- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).\n- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).\n- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).\n- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).\n- selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE.\n- selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).\n- selftests/livepatch: Add selftests for \u0027replace\u0027 sysfs attribute.\n- selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320).\n- selftests/livepatch: Replace hardcoded module name.\n- selftests/livepatch: define max test-syscall processes.\n- selftests/livepatch: fix and refactor new dmesg message code.\n- selftests/livepatch: wait for atomic replace to occur.\n- selftests/run_kselftest.sh: Fix help string for --per-test-log.\n- selftests/run_kselftest.sh: Use readlink if realpath is not available.\n- selftests/tracing: Fix false failure of subsystem event test (git-fixes).\n- selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).\n- selftests: allow runners to override the timeout.\n- selftests: livepatch: Add initial .gitignore.\n- selftests: livepatch: Avoid running the tests in certain kernel-devel situations.\n- selftests: livepatch: Test atomic replace against multiple modules.\n- selftests: livepatch: Test livepatching a heavily called syscall.\n- selftests: livepatch: add new ftrace helpers functions.\n- selftests: livepatch: add test cases of stack_order sysfs interface.\n- selftests: livepatch: handle PRINTK_CALLER in check_result().\n- selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR.\n- selftests: livepatch: save and restore kprobe state.\n- selftests: livepatch: test if ftrace can trace a livepatched function.\n- selftests: livepatch: test livepatching a kprobed function.\n- selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).\n- serial: 8250: fix panic due to PSLVERR (git-fixes).\n- serial: core: fix OF node leak (git-fixes).\n- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).\n- smb: client: fix parsing of device numbers (git-fixes).\n- soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).\n- soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes).\n- soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).\n- squashfs: fix memory leak in squashfs_fill_super (git-fixes).\n- sunrpc: fix handling of server side tls alerts (git-fixes).\n- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).\n- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).\n- thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).\n- ublk: sanity check add_dev input for underflow (git-fixes).\n- ublk: use vmalloc for ublk_device\u0027s __queues (git-fixes).\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).\n- usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).\n- usb: core: usb_submit_urb: downgrade type check (stable-fixes).\n- usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).\n- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).\n- usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).\n- usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).\n- usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).\n- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).\n- usb: storage: realtek_cr: Use correct byte order for bcs-\u003eResidue (git-fixes).\n- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn\u0027t present (stable-fixes).\n- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).\n- usb: xhci: Avoid showing errors during surprise removal (stable-fixes).\n- usb: xhci: Avoid showing warnings for dying controller (stable-fixes).\n- usb: xhci: Fix slot_id resource race conflict (git-fixes).\n- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).\n- usb: xhci: print xhci-\u003exhc_state when queue_command failed (stable-fixes).\n- vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).\n- watchdog: dw_wdt: Fix default timeout (stable-fixes).\n- watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).\n- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).\n- wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes).\n- wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).\n- wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).\n- wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).\n- wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).\n- wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes).\n- wifi: cfg80211: Fix interface type validation (stable-fixes).\n- wifi: cfg80211: reject HTC bit for management frames (stable-fixes).\n- wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).\n- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).\n- wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).\n- wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes).\n- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).\n- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).\n- wifi: mac80211: avoid weird state in error path (stable-fixes).\n- wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).\n- wifi: mac80211: do not unreserve never reserved chanctx (stable-fixes).\n- wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).\n- wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).\n- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).\n- wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes).\n- wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).\n- wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).\n- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3382,SUSE-SLE-Module-Live-Patching-15-SP7-2025-3382,SUSE-SLE-Module-RT-15-SP7-2025-3382",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03382-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03382-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503382-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03382-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041940.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1170284",
"url": "https://bugzilla.suse.com/1170284"
},
{
"category": "self",
"summary": "SUSE Bug 1213545",
"url": "https://bugzilla.suse.com/1213545"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222323",
"url": "https://bugzilla.suse.com/1222323"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230708",
"url": "https://bugzilla.suse.com/1230708"
},
{
"category": "self",
"summary": "SUSE Bug 1232089",
"url": "https://bugzilla.suse.com/1232089"
},
{
"category": "self",
"summary": "SUSE Bug 1233120",
"url": "https://bugzilla.suse.com/1233120"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240890",
"url": "https://bugzilla.suse.com/1240890"
},
{
"category": "self",
"summary": "SUSE Bug 1241353",
"url": "https://bugzilla.suse.com/1241353"
},
{
"category": "self",
"summary": "SUSE Bug 1242034",
"url": "https://bugzilla.suse.com/1242034"
},
{
"category": "self",
"summary": "SUSE Bug 1242754",
"url": "https://bugzilla.suse.com/1242754"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1244734",
"url": "https://bugzilla.suse.com/1244734"
},
{
"category": "self",
"summary": "SUSE Bug 1244930",
"url": "https://bugzilla.suse.com/1244930"
},
{
"category": "self",
"summary": "SUSE Bug 1245410",
"url": "https://bugzilla.suse.com/1245410"
},
{
"category": "self",
"summary": "SUSE Bug 1245663",
"url": "https://bugzilla.suse.com/1245663"
},
{
"category": "self",
"summary": "SUSE Bug 1245710",
"url": "https://bugzilla.suse.com/1245710"
},
{
"category": "self",
"summary": "SUSE Bug 1245767",
"url": "https://bugzilla.suse.com/1245767"
},
{
"category": "self",
"summary": "SUSE Bug 1245780",
"url": "https://bugzilla.suse.com/1245780"
},
{
"category": "self",
"summary": "SUSE Bug 1245815",
"url": "https://bugzilla.suse.com/1245815"
},
{
"category": "self",
"summary": "SUSE Bug 1245956",
"url": "https://bugzilla.suse.com/1245956"
},
{
"category": "self",
"summary": "SUSE Bug 1245973",
"url": "https://bugzilla.suse.com/1245973"
},
{
"category": "self",
"summary": "SUSE Bug 1245977",
"url": "https://bugzilla.suse.com/1245977"
},
{
"category": "self",
"summary": "SUSE Bug 1246005",
"url": "https://bugzilla.suse.com/1246005"
},
{
"category": "self",
"summary": "SUSE Bug 1246012",
"url": "https://bugzilla.suse.com/1246012"
},
{
"category": "self",
"summary": "SUSE Bug 1246181",
"url": "https://bugzilla.suse.com/1246181"
},
{
"category": "self",
"summary": "SUSE Bug 1246193",
"url": "https://bugzilla.suse.com/1246193"
},
{
"category": "self",
"summary": "SUSE Bug 1247057",
"url": "https://bugzilla.suse.com/1247057"
},
{
"category": "self",
"summary": "SUSE Bug 1247078",
"url": "https://bugzilla.suse.com/1247078"
},
{
"category": "self",
"summary": "SUSE Bug 1247112",
"url": "https://bugzilla.suse.com/1247112"
},
{
"category": "self",
"summary": "SUSE Bug 1247116",
"url": "https://bugzilla.suse.com/1247116"
},
{
"category": "self",
"summary": "SUSE Bug 1247119",
"url": "https://bugzilla.suse.com/1247119"
},
{
"category": "self",
"summary": "SUSE Bug 1247155",
"url": "https://bugzilla.suse.com/1247155"
},
{
"category": "self",
"summary": "SUSE Bug 1247162",
"url": "https://bugzilla.suse.com/1247162"
},
{
"category": "self",
"summary": "SUSE Bug 1247167",
"url": "https://bugzilla.suse.com/1247167"
},
{
"category": "self",
"summary": "SUSE Bug 1247229",
"url": "https://bugzilla.suse.com/1247229"
},
{
"category": "self",
"summary": "SUSE Bug 1247243",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "self",
"summary": "SUSE Bug 1247280",
"url": "https://bugzilla.suse.com/1247280"
},
{
"category": "self",
"summary": "SUSE Bug 1247290",
"url": "https://bugzilla.suse.com/1247290"
},
{
"category": "self",
"summary": "SUSE Bug 1247313",
"url": "https://bugzilla.suse.com/1247313"
},
{
"category": "self",
"summary": "SUSE Bug 1247712",
"url": "https://bugzilla.suse.com/1247712"
},
{
"category": "self",
"summary": "SUSE Bug 1247976",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "self",
"summary": "SUSE Bug 1248088",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "self",
"summary": "SUSE Bug 1248108",
"url": "https://bugzilla.suse.com/1248108"
},
{
"category": "self",
"summary": "SUSE Bug 1248164",
"url": "https://bugzilla.suse.com/1248164"
},
{
"category": "self",
"summary": "SUSE Bug 1248166",
"url": "https://bugzilla.suse.com/1248166"
},
{
"category": "self",
"summary": "SUSE Bug 1248175",
"url": "https://bugzilla.suse.com/1248175"
},
{
"category": "self",
"summary": "SUSE Bug 1248178",
"url": "https://bugzilla.suse.com/1248178"
},
{
"category": "self",
"summary": "SUSE Bug 1248179",
"url": "https://bugzilla.suse.com/1248179"
},
{
"category": "self",
"summary": "SUSE Bug 1248180",
"url": "https://bugzilla.suse.com/1248180"
},
{
"category": "self",
"summary": "SUSE Bug 1248183",
"url": "https://bugzilla.suse.com/1248183"
},
{
"category": "self",
"summary": "SUSE Bug 1248186",
"url": "https://bugzilla.suse.com/1248186"
},
{
"category": "self",
"summary": "SUSE Bug 1248194",
"url": "https://bugzilla.suse.com/1248194"
},
{
"category": "self",
"summary": "SUSE Bug 1248196",
"url": "https://bugzilla.suse.com/1248196"
},
{
"category": "self",
"summary": "SUSE Bug 1248198",
"url": "https://bugzilla.suse.com/1248198"
},
{
"category": "self",
"summary": "SUSE Bug 1248205",
"url": "https://bugzilla.suse.com/1248205"
},
{
"category": "self",
"summary": "SUSE Bug 1248206",
"url": "https://bugzilla.suse.com/1248206"
},
{
"category": "self",
"summary": "SUSE Bug 1248208",
"url": "https://bugzilla.suse.com/1248208"
},
{
"category": "self",
"summary": "SUSE Bug 1248209",
"url": "https://bugzilla.suse.com/1248209"
},
{
"category": "self",
"summary": "SUSE Bug 1248212",
"url": "https://bugzilla.suse.com/1248212"
},
{
"category": "self",
"summary": "SUSE Bug 1248213",
"url": "https://bugzilla.suse.com/1248213"
},
{
"category": "self",
"summary": "SUSE Bug 1248214",
"url": "https://bugzilla.suse.com/1248214"
},
{
"category": "self",
"summary": "SUSE Bug 1248216",
"url": "https://bugzilla.suse.com/1248216"
},
{
"category": "self",
"summary": "SUSE Bug 1248217",
"url": "https://bugzilla.suse.com/1248217"
},
{
"category": "self",
"summary": "SUSE Bug 1248223",
"url": "https://bugzilla.suse.com/1248223"
},
{
"category": "self",
"summary": "SUSE Bug 1248227",
"url": "https://bugzilla.suse.com/1248227"
},
{
"category": "self",
"summary": "SUSE Bug 1248228",
"url": "https://bugzilla.suse.com/1248228"
},
{
"category": "self",
"summary": "SUSE Bug 1248229",
"url": "https://bugzilla.suse.com/1248229"
},
{
"category": "self",
"summary": "SUSE Bug 1248232",
"url": "https://bugzilla.suse.com/1248232"
},
{
"category": "self",
"summary": "SUSE Bug 1248240",
"url": "https://bugzilla.suse.com/1248240"
},
{
"category": "self",
"summary": "SUSE Bug 1248255",
"url": "https://bugzilla.suse.com/1248255"
},
{
"category": "self",
"summary": "SUSE Bug 1248297",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "self",
"summary": "SUSE Bug 1248306",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "self",
"summary": "SUSE Bug 1248312",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "self",
"summary": "SUSE Bug 1248333",
"url": "https://bugzilla.suse.com/1248333"
},
{
"category": "self",
"summary": "SUSE Bug 1248334",
"url": "https://bugzilla.suse.com/1248334"
},
{
"category": "self",
"summary": "SUSE Bug 1248337",
"url": "https://bugzilla.suse.com/1248337"
},
{
"category": "self",
"summary": "SUSE Bug 1248338",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "self",
"summary": "SUSE Bug 1248340",
"url": "https://bugzilla.suse.com/1248340"
},
{
"category": "self",
"summary": "SUSE Bug 1248341",
"url": "https://bugzilla.suse.com/1248341"
},
{
"category": "self",
"summary": "SUSE Bug 1248345",
"url": "https://bugzilla.suse.com/1248345"
},
{
"category": "self",
"summary": "SUSE Bug 1248349",
"url": "https://bugzilla.suse.com/1248349"
},
{
"category": "self",
"summary": "SUSE Bug 1248350",
"url": "https://bugzilla.suse.com/1248350"
},
{
"category": "self",
"summary": "SUSE Bug 1248354",
"url": "https://bugzilla.suse.com/1248354"
},
{
"category": "self",
"summary": "SUSE Bug 1248355",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "self",
"summary": "SUSE Bug 1248361",
"url": "https://bugzilla.suse.com/1248361"
},
{
"category": "self",
"summary": "SUSE Bug 1248363",
"url": "https://bugzilla.suse.com/1248363"
},
{
"category": "self",
"summary": "SUSE Bug 1248368",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "self",
"summary": "SUSE Bug 1248370",
"url": "https://bugzilla.suse.com/1248370"
},
{
"category": "self",
"summary": "SUSE Bug 1248374",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "self",
"summary": "SUSE Bug 1248377",
"url": "https://bugzilla.suse.com/1248377"
},
{
"category": "self",
"summary": "SUSE Bug 1248386",
"url": "https://bugzilla.suse.com/1248386"
},
{
"category": "self",
"summary": "SUSE Bug 1248390",
"url": "https://bugzilla.suse.com/1248390"
},
{
"category": "self",
"summary": "SUSE Bug 1248395",
"url": "https://bugzilla.suse.com/1248395"
},
{
"category": "self",
"summary": "SUSE Bug 1248399",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "self",
"summary": "SUSE Bug 1248401",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "self",
"summary": "SUSE Bug 1248511",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "self",
"summary": "SUSE Bug 1248573",
"url": "https://bugzilla.suse.com/1248573"
},
{
"category": "self",
"summary": "SUSE Bug 1248575",
"url": "https://bugzilla.suse.com/1248575"
},
{
"category": "self",
"summary": "SUSE Bug 1248577",
"url": "https://bugzilla.suse.com/1248577"
},
{
"category": "self",
"summary": "SUSE Bug 1248609",
"url": "https://bugzilla.suse.com/1248609"
},
{
"category": "self",
"summary": "SUSE Bug 1248614",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "self",
"summary": "SUSE Bug 1248617",
"url": "https://bugzilla.suse.com/1248617"
},
{
"category": "self",
"summary": "SUSE Bug 1248621",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "self",
"summary": "SUSE Bug 1248636",
"url": "https://bugzilla.suse.com/1248636"
},
{
"category": "self",
"summary": "SUSE Bug 1248643",
"url": "https://bugzilla.suse.com/1248643"
},
{
"category": "self",
"summary": "SUSE Bug 1248647",
"url": "https://bugzilla.suse.com/1248647"
},
{
"category": "self",
"summary": "SUSE Bug 1248648",
"url": "https://bugzilla.suse.com/1248648"
},
{
"category": "self",
"summary": "SUSE Bug 1248652",
"url": "https://bugzilla.suse.com/1248652"
},
{
"category": "self",
"summary": "SUSE Bug 1248655",
"url": "https://bugzilla.suse.com/1248655"
},
{
"category": "self",
"summary": "SUSE Bug 1248666",
"url": "https://bugzilla.suse.com/1248666"
},
{
"category": "self",
"summary": "SUSE Bug 1248669",
"url": "https://bugzilla.suse.com/1248669"
},
{
"category": "self",
"summary": "SUSE Bug 1248746",
"url": "https://bugzilla.suse.com/1248746"
},
{
"category": "self",
"summary": "SUSE Bug 1248748",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "self",
"summary": "SUSE Bug 1249022",
"url": "https://bugzilla.suse.com/1249022"
},
{
"category": "self",
"summary": "SUSE Bug 1249346",
"url": "https://bugzilla.suse.com/1249346"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4130 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-4515 page",
"url": "https://www.suse.com/security/cve/CVE-2023-4515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58238 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38006 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38184 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38185 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38190 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38201 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38205 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38208 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38245 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38251 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38360 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38439 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38440 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38440/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38441 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38444 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38445 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38458 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38459 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38464 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38472 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38490 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38491 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38500 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38503 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38506 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38506/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38510 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38510/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38511 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38512 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38513 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38515 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38520 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38521 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38524 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38528 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38529 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38530 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38531 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38535 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38537 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38538 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38563 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38585 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38609 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38612 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38624 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38632 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38646 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38650 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38656 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38671/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-09-26T17:27:16Z",
"generator": {
"date": "2025-09-26T17:27:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03382-1",
"initial_release_date": "2025-09-26T17:27:16Z",
"revision_history": [
{
"date": "2025-09-26T17:27:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150700.7.16.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150700.7.16.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-rt-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150700.7.16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP7",
"product": {
"name": "SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150700.7.16.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150700.7.16.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150700.7.16.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150700.7.16.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150700.7.16.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150700.7.16.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out of bounds read in smb2_sess_setup\n\nksmbd does not consider the case of that smb2 session setup is\nin compound request. If this is the second payload of the compound,\nOOB read issue occurs while processing the first payload in\nthe smb2_sess_setup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3867",
"url": "https://www.suse.com/security/cve/CVE-2023-3867"
},
{
"category": "external",
"summary": "SUSE Bug 1213545 for CVE-2023-3867",
"url": "https://bugzilla.suse.com/1213545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-3867"
},
{
"cve": "CVE-2023-4130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4130"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()\n\nThere are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request\nfrom client. ksmbd find next smb2_ea_info using -\u003eNextEntryOffset of\ncurrent smb2_ea_info. ksmbd need to validate buffer length Before\naccessing the next ea. ksmbd should check buffer length using buf_len,\nnot next variable. next is the start offset of current ea that got from\nprevious ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4130",
"url": "https://www.suse.com/security/cve/CVE-2023-4130"
},
{
"category": "external",
"summary": "SUSE Bug 1248164 for CVE-2023-4130",
"url": "https://bugzilla.suse.com/1248164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-4130"
},
{
"cve": "CVE-2023-4515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-4515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate command request size\n\nIn commit 2b9b8f3b68ed (\"ksmbd: validate command payload size\"), except\nfor SMB2_OPLOCK_BREAK_HE command, the request size of other commands\nis not checked, it\u0027s not expected. Fix it by add check for request\nsize of other commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-4515",
"url": "https://www.suse.com/security/cve/CVE-2023-4515"
},
{
"category": "external",
"summary": "SUSE Bug 1248180 for CVE-2023-4515",
"url": "https://bugzilla.suse.com/1248180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-4515"
},
{
"cve": "CVE-2024-26661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL test for \u0027timing generator\u0027 in \u0027dcn21_set_pipe()\u0027\n\nIn \"u32 otg_inst = pipe_ctx-\u003estream_res.tg-\u003einst;\"\npipe_ctx-\u003estream_res.tg could be NULL, it is relying on the caller to\nensure the tg is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26661",
"url": "https://www.suse.com/security/cve/CVE-2024-26661"
},
{
"category": "external",
"summary": "SUSE Bug 1222323 for CVE-2024-26661",
"url": "https://bugzilla.suse.com/1222323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26661"
},
{
"cve": "CVE-2024-46733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix qgroup reserve leaks in cow_file_range\n\nIn the buffered write path, the dirty page owns the qgroup reserve until\nit creates an ordered_extent.\n\nTherefore, any errors that occur before the ordered_extent is created\nmust free that reservation, or else the space is leaked. The fstest\ngeneric/475 exercises various IO error paths, and is able to trigger\nerrors in cow_file_range where we fail to get to allocating the ordered\nextent. Note that because we *do* clear delalloc, we are likely to\nremove the inode from the delalloc list, so the inodes/pages to not have\ninvalidate/launder called on them in the commit abort path.\n\nThis results in failures at the unmount stage of the test that look like:\n\n BTRFS: error (device dm-8 state EA) in cleanup_transaction:2018: errno=-5 IO failure\n BTRFS: error (device dm-8 state EA) in btrfs_replace_file_extents:2416: errno=-5 IO failure\n BTRFS warning (device dm-8 state EA): qgroup 0/5 has unreleased space, type 0 rsv 28672\n ------------[ cut here ]------------\n WARNING: CPU: 3 PID: 22588 at fs/btrfs/disk-io.c:4333 close_ctree+0x222/0x4d0 [btrfs]\n Modules linked in: btrfs blake2b_generic libcrc32c xor zstd_compress raid6_pq\n CPU: 3 PID: 22588 Comm: umount Kdump: loaded Tainted: G W 6.10.0-rc7-gab56fde445b8 #21\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:close_ctree+0x222/0x4d0 [btrfs]\n RSP: 0018:ffffb4465283be00 EFLAGS: 00010202\n RAX: 0000000000000001 RBX: ffffa1a1818e1000 RCX: 0000000000000001\n RDX: 0000000000000000 RSI: ffffb4465283bbe0 RDI: ffffa1a19374fcb8\n RBP: ffffa1a1818e13c0 R08: 0000000100028b16 R09: 0000000000000000\n R10: 0000000000000003 R11: 0000000000000003 R12: ffffa1a18ad7972c\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n FS: 00007f9168312b80(0000) GS:ffffa1a4afcc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f91683c9140 CR3: 000000010acaa000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? __warn.cold+0x8e/0xea\n ? close_ctree+0x222/0x4d0 [btrfs]\n ? report_bug+0xff/0x140\n ? handle_bug+0x3b/0x70\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? close_ctree+0x222/0x4d0 [btrfs]\n generic_shutdown_super+0x70/0x160\n kill_anon_super+0x11/0x40\n btrfs_kill_super+0x11/0x20 [btrfs]\n deactivate_locked_super+0x2e/0xa0\n cleanup_mnt+0xb5/0x150\n task_work_run+0x57/0x80\n syscall_exit_to_user_mode+0x121/0x130\n do_syscall_64+0xab/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f916847a887\n ---[ end trace 0000000000000000 ]---\n BTRFS error (device dm-8 state EA): qgroup reserved space leaked\n\nCases 2 and 3 in the out_reserve path both pertain to this type of leak\nand must free the reserved qgroup data. Because it is already an error\npath, I opted not to handle the possible errors in\nbtrfs_free_qgroup_data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46733",
"url": "https://www.suse.com/security/cve/CVE-2024-46733"
},
{
"category": "external",
"summary": "SUSE Bug 1230708 for CVE-2024-46733",
"url": "https://bugzilla.suse.com/1230708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-46733"
},
{
"cve": "CVE-2024-49996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix buffer overflow when parsing NFS reparse points\n\nReparseDataLength is sum of the InodeType size and DataBuffer size.\nSo to get DataBuffer size it is needed to subtract InodeType\u0027s size from\nReparseDataLength.\n\nFunction cifs_strndup_from_utf16() is currentlly accessing buf-\u003eDataBuffer\nat position after the end of the buffer because it does not subtract\nInodeType size from the length. Fix this problem and correctly subtract\nvariable len.\n\nMember InodeType is present only when reparse buffer is large enough. Check\nfor ReparseDataLength before accessing InodeType to prevent another invalid\nmemory access.\n\nMajor and minor rdev values are present also only when reparse buffer is\nlarge enough. Check for reparse buffer size before calling reparse_mkdev().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49996",
"url": "https://www.suse.com/security/cve/CVE-2024-49996"
},
{
"category": "external",
"summary": "SUSE Bug 1232089 for CVE-2024-49996",
"url": "https://bugzilla.suse.com/1232089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-49996"
},
{
"cve": "CVE-2024-58238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Resolve TX timeout error in power save stress test\n\nThis fixes the tx timeout issue seen while running a stress test on\nbtnxpuart for couple of hours, such that the interval between two HCI\ncommands coincide with the power save timeout value of 2 seconds.\n\nTest procedure using bash script:\n\u003cload btnxpuart.ko\u003e\nhciconfig hci0 up\n//Enable Power Save feature\nhcitool -i hci0 cmd 3f 23 02 00 00\nwhile (true)\ndo\n hciconfig hci0 leadv\n sleep 2\n hciconfig hci0 noleadv\n sleep 2\ndone\n\nError log, after adding few more debug prints:\nBluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00\nBluetooth: hci0: Set UART break: on, status=0\nBluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled\nBluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00\nCan\u0027t set advertise mode on hci0: Connection timed out (110)\nBluetooth: hci0: command 0x200a tx timeout\n\nWhen the power save mechanism turns on UART break, and btnxpuart_tx_work()\nis scheduled simultaneously, psdata-\u003eps_state is read as PS_STATE_AWAKE,\nwhich prevents the psdata-\u003ework from being scheduled, which is responsible\nto turn OFF UART break.\n\nThis issue is fixed by adding a ps_lock mutex around UART break on/off as\nwell as around ps_state read/write.\nbtnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is\nPS_STATE_SLEEP, it will first schedule psdata-\u003ework, and then it will\nreschedule itself once UART break has been turned off and ps_state is\nPS_STATE_AWAKE.\n\nTested above script for 50,000 iterations and TX timeout error was not\nobserved anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58238",
"url": "https://www.suse.com/security/cve/CVE-2024-58238"
},
{
"category": "external",
"summary": "SUSE Bug 1242754 for CVE-2024-58238",
"url": "https://bugzilla.suse.com/1242754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-58238"
},
{
"cve": "CVE-2024-58239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: stop recv() if initial process_rx_list gave us non-DATA\n\nIf we have a non-DATA record on the rx_list and another record of the\nsame type still on the queue, we will end up merging them:\n - process_rx_list copies the non-DATA record\n - we start the loop and process the first available record since it\u0027s\n of the same type\n - we break out of the loop since the record was not DATA\n\nJust check the record type and jump to the end in case process_rx_list\ndid some work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58239",
"url": "https://www.suse.com/security/cve/CVE-2024-58239"
},
{
"category": "external",
"summary": "SUSE Bug 1248614 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248614"
},
{
"category": "external",
"summary": "SUSE Bug 1248615 for CVE-2024-58239",
"url": "https://bugzilla.suse.com/1248615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2024-58239"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-38006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Don\u0027t access ifa_index when missing\n\nIn mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but\nonly when the struct ifaddrmsg is provided. Otherwise it will be\ncomparing to uninitialised memory - reproducible in the syzkaller case from\ndhcpd, or busybox \"ip addr show\".\n\nThe kernel MCTP implementation has always filtered by ifa_index, so\nexisting userspace programs expecting to dump MCTP addresses must\nalready be passing a valid ifa_index value (either 0 or a real index).\n\nBUG: KMSAN: uninit-value in mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n mctp_dump_addrinfo+0x208/0xac0 net/mctp/device.c:128\n rtnl_dump_all+0x3ec/0x5b0 net/core/rtnetlink.c:4380\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6824\n netlink_dump+0x97b/0x1690 net/netlink/af_netlink.c:2309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38006",
"url": "https://www.suse.com/security/cve/CVE-2025-38006"
},
{
"category": "external",
"summary": "SUSE Bug 1244930 for CVE-2025-38006",
"url": "https://bugzilla.suse.com/1244930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38006"
},
{
"cve": "CVE-2025-38075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix timeout on deleted connection\n\nNOPIN response timer may expire on a deleted connection and crash with\nsuch logs:\n\nDid not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d\n\nBUG: Kernel NULL pointer dereference on read at 0x00000000\nNIP strlcpy+0x8/0xb0\nLR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod]\nCall Trace:\n iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod]\n call_timer_fn+0x58/0x1f0\n run_timer_softirq+0x740/0x860\n __do_softirq+0x16c/0x420\n irq_exit+0x188/0x1c0\n timer_interrupt+0x184/0x410\n\nThat is because nopin response timer may be re-started on nopin timer\nexpiration.\n\nStop nopin timer before stopping the nopin response timer to be sure\nthat no one of them will be re-started.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38075",
"url": "https://www.suse.com/security/cve/CVE-2025-38075"
},
{
"category": "external",
"summary": "SUSE Bug 1244734 for CVE-2025-38075",
"url": "https://bugzilla.suse.com/1244734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38075"
},
{
"cve": "CVE-2025-38103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()\n\nUpdate struct hid_descriptor to better reflect the mandatory and\noptional parts of the HID Descriptor as per USB HID 1.11 specification.\nNote: the kernel currently does not parse any optional HID class\ndescriptors, only the mandatory report descriptor.\n\nUpdate all references to member element desc[0] to rpt_desc.\n\nAdd test to verify bLength and bNumDescriptors values are valid.\n\nReplace the for loop with direct access to the mandatory HID class\ndescriptor member for the report descriptor. This eliminates the\npossibility of getting an out-of-bounds fault.\n\nAdd a warning message if the HID descriptor contains any unsupported\noptional HID class descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38103",
"url": "https://www.suse.com/security/cve/CVE-2025-38103"
},
{
"category": "external",
"summary": "SUSE Bug 1245663 for CVE-2025-38103",
"url": "https://bugzilla.suse.com/1245663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "low"
}
],
"title": "CVE-2025-38103"
},
{
"cve": "CVE-2025-38125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38125",
"url": "https://www.suse.com/security/cve/CVE-2025-38125"
},
{
"category": "external",
"summary": "SUSE Bug 1245710 for CVE-2025-38125",
"url": "https://bugzilla.suse.com/1245710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix the dead loop of MPLS parse\n\nThe unexpected MPLS packet may not end with the bottom label stack.\nWhen there are many stacks, The label count value has wrapped around.\nA dead loop occurs, soft lockup/CPU stuck finally.\n\nstack backtrace:\nUBSAN: array-index-out-of-bounds in /build/linux-0Pa0xK/linux-5.15.0/net/openvswitch/flow.c:662:26\nindex -1 is out of range for type \u0027__be32 [3]\u0027\nCPU: 34 PID: 0 Comm: swapper/34 Kdump: loaded Tainted: G OE 5.15.0-121-generic #131-Ubuntu\nHardware name: Dell Inc. PowerEdge C6420/0JP9TF, BIOS 2.12.2 07/14/2021\nCall Trace:\n \u003cIRQ\u003e\n show_stack+0x52/0x5c\n dump_stack_lvl+0x4a/0x63\n dump_stack+0x10/0x16\n ubsan_epilogue+0x9/0x36\n __ubsan_handle_out_of_bounds.cold+0x44/0x49\n key_extract_l3l4+0x82a/0x840 [openvswitch]\n ? kfree_skbmem+0x52/0xa0\n key_extract+0x9c/0x2b0 [openvswitch]\n ovs_flow_key_extract+0x124/0x350 [openvswitch]\n ovs_vport_receive+0x61/0xd0 [openvswitch]\n ? kernel_init_free_pages.part.0+0x4a/0x70\n ? get_page_from_freelist+0x353/0x540\n netdev_port_receive+0xc4/0x180 [openvswitch]\n ? netdev_port_receive+0x180/0x180 [openvswitch]\n netdev_frame_hook+0x1f/0x40 [openvswitch]\n __netif_receive_skb_core.constprop.0+0x23a/0xf00\n __netif_receive_skb_list_core+0xfa/0x240\n netif_receive_skb_list_internal+0x18e/0x2a0\n napi_complete_done+0x7a/0x1c0\n bnxt_poll+0x155/0x1c0 [bnxt_en]\n __napi_poll+0x30/0x180\n net_rx_action+0x126/0x280\n ? bnxt_msix+0x67/0x80 [bnxt_en]\n handle_softirqs+0xda/0x2d0\n irq_exit_rcu+0x96/0xc0\n common_interrupt+0x8e/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38146",
"url": "https://www.suse.com/security/cve/CVE-2025-38146"
},
{
"category": "external",
"summary": "SUSE Bug 1245767 for CVE-2025-38146",
"url": "https://bugzilla.suse.com/1245767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38146"
},
{
"cve": "CVE-2025-38160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Add NULL check in raspberrypi_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nraspberrypi_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38160",
"url": "https://www.suse.com/security/cve/CVE-2025-38160"
},
{
"category": "external",
"summary": "SUSE Bug 1245780 for CVE-2025-38160",
"url": "https://bugzilla.suse.com/1245780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38160"
},
{
"cve": "CVE-2025-38184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer\n\nThe reproduction steps:\n1. create a tun interface\n2. enable l2 bearer\n3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun\n\ntipc: Started in network mode\ntipc: Node identity 8af312d38a21, cluster identity 4711\ntipc: Enabled bearer \u003ceth:syz_tun\u003e, priority 1\nOops: general protection fault\nKASAN: null-ptr-deref in range\nCPU: 1 UID: 1000 PID: 559 Comm: poc Not tainted 6.16.0-rc1+ #117 PREEMPT\nHardware name: QEMU Ubuntu 24.04 PC\nRIP: 0010:tipc_udp_nl_dump_remoteip+0x4a4/0x8f0\n\nthe ub was in fact a struct dev.\n\nwhen bid != 0 \u0026\u0026 skip_cnt != 0, bearer_list[bid] may be NULL or\nother media when other thread changes it.\n\nfix this by checking media_id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38184",
"url": "https://www.suse.com/security/cve/CVE-2025-38184"
},
{
"category": "external",
"summary": "SUSE Bug 1245956 for CVE-2025-38184",
"url": "https://bugzilla.suse.com/1245956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38184"
},
{
"cve": "CVE-2025-38185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: atmtcp: Free invalid length skb in atmtcp_c_send().\n\nsyzbot reported the splat below. [0]\n\nvcc_sendmsg() copies data passed from userspace to skb and passes\nit to vcc-\u003edev-\u003eops-\u003esend().\n\natmtcp_c_send() accesses skb-\u003edata as struct atmtcp_hdr after\nchecking if skb-\u003elen is 0, but it\u0027s not enough.\n\nAlso, when skb-\u003elen == 0, skb and sk (vcc) were leaked because\ndev_kfree_skb() is not called and sk_wmem_alloc adjustment is missing\nto revert atm_account_tx() in vcc_sendmsg(), which is expected\nto be done in atm_pop_raw().\n\nLet\u0027s properly free skb with an invalid length in atmtcp_c_send().\n\n[0]:\nBUG: KMSAN: uninit-value in atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n atmtcp_c_send+0x255/0xed0 drivers/atm/atmtcp.c:294\n vcc_sendmsg+0xd7c/0xff0 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4154 [inline]\n slab_alloc_node mm/slub.c:4197 [inline]\n kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4249\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670\n alloc_skb include/linux/skbuff.h:1336 [inline]\n vcc_sendmsg+0xb40/0xff0 net/atm/common.c:628\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmsg net/socket.c:2652 [inline]\n __do_sys_sendmsg net/socket.c:2657 [inline]\n __se_sys_sendmsg net/socket.c:2655 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2655\n x64_sys_call+0x32fb/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5798 Comm: syz-executor192 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(undef)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38185",
"url": "https://www.suse.com/security/cve/CVE-2025-38185"
},
{
"category": "external",
"summary": "SUSE Bug 1246012 for CVE-2025-38185",
"url": "https://bugzilla.suse.com/1246012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38185"
},
{
"cve": "CVE-2025-38190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Revert atm_account_tx() if copy_from_iter_full() fails.\n\nIn vcc_sendmsg(), we account skb-\u003etruesize to sk-\u003esk_wmem_alloc by\natm_account_tx().\n\nIt is expected to be reverted by atm_pop_raw() later called by\nvcc-\u003edev-\u003eops-\u003esend(vcc, skb).\n\nHowever, vcc_sendmsg() misses the same revert when copy_from_iter_full()\nfails, and then we will leak a socket.\n\nLet\u0027s factorise the revert part as atm_return_tx() and call it in\nthe failure path.\n\nNote that the corresponding sk_wmem_alloc operation can be found in\nalloc_tx() as of the blamed commit.\n\n $ git blame -L:alloc_tx net/atm/common.c c55fa3cccbc2c~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38190",
"url": "https://www.suse.com/security/cve/CVE-2025-38190"
},
{
"category": "external",
"summary": "SUSE Bug 1245973 for CVE-2025-38190",
"url": "https://bugzilla.suse.com/1245973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38190"
},
{
"cve": "CVE-2025-38201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38201",
"url": "https://www.suse.com/security/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "SUSE Bug 1245977 for CVE-2025-38201",
"url": "https://bugzilla.suse.com/1245977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid divide by zero by initializing dummy pitch to 1\n\n[Why]\nIf the dummy values in `populate_dummy_dml_surface_cfg()` aren\u0027t updated\nthen they can lead to a divide by zero in downstream callers like\nCalculateVMAndRowBytes()\n\n[How]\nInitialize dummy value to a value to avoid divide by zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38205",
"url": "https://www.suse.com/security/cve/CVE-2025-38205"
},
{
"category": "external",
"summary": "SUSE Bug 1246005 for CVE-2025-38205",
"url": "https://bugzilla.suse.com/1246005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38205"
},
{
"cve": "CVE-2025-38208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: add NULL check in automount_fullpath\n\npage is checked for null in __build_path_from_dentry_optional_prefix\nwhen tcon-\u003eorigin_fullpath is not set. However, the check is missing when\nit is set.\nAdd a check to prevent a potential NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38208",
"url": "https://www.suse.com/security/cve/CVE-2025-38208"
},
{
"category": "external",
"summary": "SUSE Bug 1245815 for CVE-2025-38208",
"url": "https://bugzilla.suse.com/1245815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38208"
},
{
"cve": "CVE-2025-38245",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38245"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet\u0027s hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry \u0027atm/atmtcp:0\u0027 already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 \u003c0f\u003e 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38245",
"url": "https://www.suse.com/security/cve/CVE-2025-38245"
},
{
"category": "external",
"summary": "SUSE Bug 1246193 for CVE-2025-38245",
"url": "https://bugzilla.suse.com/1246193"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38245"
},
{
"cve": "CVE-2025-38251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: prevent NULL deref in clip_push()\n\nBlamed commit missed that vcc_destroy_socket() calls\nclip_push() with a NULL skb.\n\nIf clip_devs is NULL, clip_push() then crashes when reading\nskb-\u003etruesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38251",
"url": "https://www.suse.com/security/cve/CVE-2025-38251"
},
{
"category": "external",
"summary": "SUSE Bug 1246181 for CVE-2025-38251",
"url": "https://bugzilla.suse.com/1246181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38251"
},
{
"cve": "CVE-2025-38360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add more checks for DSC / HUBP ONO guarantees\n\n[WHY]\nFor non-zero DSC instances it\u0027s possible that the HUBP domain required\nto drive it for sequential ONO ASICs isn\u0027t met, potentially causing\nthe logic to the tile to enter an undefined state leading to a system\nhang.\n\n[HOW]\nAdd more checks to ensure that the HUBP domain matching the DSC instance\nis appropriately powered.\n\n(cherry picked from commit da63df07112e5a9857a8d2aaa04255c4206754ec)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38360",
"url": "https://www.suse.com/security/cve/CVE-2025-38360"
},
{
"category": "external",
"summary": "SUSE Bug 1247078 for CVE-2025-38360",
"url": "https://bugzilla.suse.com/1247078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38360"
},
{
"cve": "CVE-2025-38439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff \u003c0f\u003e 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\u003cIRQ\u003e\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38439",
"url": "https://www.suse.com/security/cve/CVE-2025-38439"
},
{
"category": "external",
"summary": "SUSE Bug 1247155 for CVE-2025-38439",
"url": "https://bugzilla.suse.com/1247155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "low"
}
],
"title": "CVE-2025-38439"
},
{
"cve": "CVE-2025-38440",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38440"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix race between DIM disable and net_dim()\n\nThere\u0027s a race between disabling DIM and NAPI callbacks using the dim\npointer on the RQ or SQ.\n\nIf NAPI checks the DIM state bit and sees it still set, it assumes\n`rq-\u003edim` or `sq-\u003edim` is valid. But if DIM gets disabled right after\nthat check, the pointer might already be set to NULL, leading to a NULL\npointer dereference in net_dim().\n\nFix this by calling `synchronize_net()` before freeing the DIM context.\nThis ensures all in-progress NAPI callbacks are finished before the\npointer is cleared.\n\nKernel log:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:net_dim+0x23/0x190\n...\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? common_interrupt+0xf/0xa0\n ? sysvec_call_function_single+0xb/0x90\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? net_dim+0x23/0x190\n ? mlx5e_poll_ico_cq+0x41/0x6f0 [mlx5_core]\n ? sysvec_apic_timer_interrupt+0xb/0x90\n mlx5e_handle_rx_dim+0x92/0xd0 [mlx5_core]\n mlx5e_napi_poll+0x2cd/0xac0 [mlx5_core]\n ? mlx5e_poll_ico_cq+0xe5/0x6f0 [mlx5_core]\n busy_poll_stop+0xa2/0x200\n ? mlx5e_napi_poll+0x1d9/0xac0 [mlx5_core]\n ? mlx5e_trigger_irq+0x130/0x130 [mlx5_core]\n __napi_busy_loop+0x345/0x3b0\n ? sysvec_call_function_single+0xb/0x90\n ? asm_sysvec_call_function_single+0x16/0x20\n ? sysvec_apic_timer_interrupt+0xb/0x90\n ? pcpu_free_area+0x1e4/0x2e0\n napi_busy_loop+0x11/0x20\n xsk_recvmsg+0x10c/0x130\n sock_recvmsg+0x44/0x70\n __sys_recvfrom+0xbc/0x130\n ? __schedule+0x398/0x890\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n...\n---[ end trace 0000000000000000 ]---\n...\n---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38440",
"url": "https://www.suse.com/security/cve/CVE-2025-38440"
},
{
"category": "external",
"summary": "SUSE Bug 1247290 for CVE-2025-38440",
"url": "https://bugzilla.suse.com/1247290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38440"
},
{
"cve": "CVE-2025-38441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()\n\nsyzbot found a potential access to uninit-value in nf_flow_pppoe_proto()\n\nBlamed commit forgot the Ethernet header.\n\nBUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_flow_offload_inet_hook+0x7e4/0x940 net/netfilter/nf_flow_table_inet.c:27\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xe1/0x3d0 net/netfilter/core.c:623\n nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]\n nf_ingress net/core/dev.c:5742 [inline]\n __netif_receive_skb_core+0x4aff/0x70c0 net/core/dev.c:5837\n __netif_receive_skb_one_core net/core/dev.c:5975 [inline]\n __netif_receive_skb+0xcc/0xac0 net/core/dev.c:6090\n netif_receive_skb_internal net/core/dev.c:6176 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6235\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x4ee0/0x6b40 drivers/net/tun.c:1938\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1984\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xb4b/0x1580 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38441",
"url": "https://www.suse.com/security/cve/CVE-2025-38441"
},
{
"category": "external",
"summary": "SUSE Bug 1247167 for CVE-2025-38441",
"url": "https://bugzilla.suse.com/1247167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38441"
},
{
"cve": "CVE-2025-38444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid10: cleanup memleak at raid10_make_request\n\nIf raid10_read_request or raid10_write_request registers a new\nrequest and the REQ_NOWAIT flag is set, the code does not\nfree the malloc from the mempool.\n\nunreferenced object 0xffff8884802c3200 (size 192):\n comm \"fio\", pid 9197, jiffies 4298078271\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 88 41 02 00 00 00 00 00 .........A......\n 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc c1a049a2):\n __kmalloc+0x2bb/0x450\n mempool_alloc+0x11b/0x320\n raid10_make_request+0x19e/0x650 [raid10]\n md_handle_request+0x3b3/0x9e0\n __submit_bio+0x394/0x560\n __submit_bio_noacct+0x145/0x530\n submit_bio_noacct_nocheck+0x682/0x830\n __blkdev_direct_IO_async+0x4dc/0x6b0\n blkdev_read_iter+0x1e5/0x3b0\n __io_read+0x230/0x1110\n io_read+0x13/0x30\n io_issue_sqe+0x134/0x1180\n io_submit_sqes+0x48c/0xe90\n __do_sys_io_uring_enter+0x574/0x8b0\n do_syscall_64+0x5c/0xe0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nV4: changing backing tree to see if CKI tests will pass.\nThe patch code has not changed between any versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38444",
"url": "https://www.suse.com/security/cve/CVE-2025-38444"
},
{
"category": "external",
"summary": "SUSE Bug 1247162 for CVE-2025-38444",
"url": "https://bugzilla.suse.com/1247162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38444"
},
{
"cve": "CVE-2025-38445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf-\u003er1bio_pool.\nThis results in conf-\u003er1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(\u0026newpool, ...);\n\tconf-\u003er1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool-\u003ealloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool-\u003ecurr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool-\u003ecurr_nr \u003c pool-\u003emin_nr) {\n\t\t// pool-\u003ewait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(\u0026pool-\u003ewait);\n\t}\n}\n\nFix:\nreinit conf-\u003er1bio_pool.wait after assigning newpool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38445",
"url": "https://www.suse.com/security/cve/CVE-2025-38445"
},
{
"category": "external",
"summary": "SUSE Bug 1247229 for CVE-2025-38445",
"url": "https://bugzilla.suse.com/1247229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38445"
},
{
"cve": "CVE-2025-38458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix NULL pointer dereference in vcc_sendmsg()\n\natmarpd_dev_ops does not implement the send method, which may cause crash\nas bellow.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: Oops: 0010 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc9000d3cf778 EFLAGS: 00010246\nRAX: 1ffffffff1910dd1 RBX: 00000000000000c0 RCX: dffffc0000000000\nRDX: ffffc9000dc82000 RSI: ffff88803e4c4640 RDI: ffff888052cd0000\nRBP: ffffc9000d3cf8d0 R08: ffff888052c9143f R09: 1ffff1100a592287\nR10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff92001a79f00\nR13: ffff888052cd0000 R14: ffff88803e4c4640 R15: ffffffff8c886e88\nFS: 00007fbc762566c0(0000) GS:ffff88808d6c2000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 0000000041f1b000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vcc_sendmsg+0xa10/0xc50 net/atm/common.c:644\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n ____sys_sendmsg+0x52d/0x830 net/socket.c:2566\n ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2620\n __sys_sendmmsg+0x227/0x430 net/socket.c:2709\n __do_sys_sendmmsg net/socket.c:2736 [inline]\n __se_sys_sendmmsg net/socket.c:2733 [inline]\n __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2733\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38458",
"url": "https://www.suse.com/security/cve/CVE-2025-38458"
},
{
"category": "external",
"summary": "SUSE Bug 1247116 for CVE-2025-38458",
"url": "https://bugzilla.suse.com/1247116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38458"
},
{
"cve": "CVE-2025-38459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38459"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc-\u003epush(),\nand the second call copies it to clip_vcc-\u003eold_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc-\u003eold_push(),\ntriggering the infinite recursion.\n\nLet\u0027s prevent the second ioctl(ATMARP_MKIP) by checking\nvcc-\u003euser_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 \u003c41\u003e 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \u003c/TASK\u003e\nModules linked in:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38459",
"url": "https://www.suse.com/security/cve/CVE-2025-38459"
},
{
"category": "external",
"summary": "SUSE Bug 1247119 for CVE-2025-38459",
"url": "https://bugzilla.suse.com/1247119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38459"
},
{
"cve": "CVE-2025-38464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Fix use-after-free in tipc_conn_close().\n\nsyzbot reported a null-ptr-deref in tipc_conn_close() during netns\ndismantle. [0]\n\ntipc_topsrv_stop() iterates tipc_net(net)-\u003etopsrv-\u003econn_idr and calls\ntipc_conn_close() for each tipc_conn.\n\nThe problem is that tipc_conn_close() is called after releasing the\nIDR lock.\n\nAt the same time, there might be tipc_conn_recv_work() running and it\ncould call tipc_conn_close() for the same tipc_conn and release its\nlast -\u003ekref.\n\nOnce we release the IDR lock in tipc_topsrv_stop(), there is no\nguarantee that the tipc_conn is alive.\n\nLet\u0027s hold the ref before releasing the lock and put the ref after\ntipc_conn_close() in tipc_topsrv_stop().\n\n[0]:\nBUG: KASAN: use-after-free in tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\nRead of size 8 at addr ffff888099305a08 by task kworker/u4:3/435\n\nCPU: 0 PID: 435 Comm: kworker/u4:3 Not tainted 4.19.204-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1fc/0x2ef lib/dump_stack.c:118\n print_address_description.cold+0x54/0x219 mm/kasan/report.c:256\n kasan_report_error.cold+0x8a/0x1b9 mm/kasan/report.c:354\n kasan_report mm/kasan/report.c:412 [inline]\n __asan_report_load8_noabort+0x88/0x90 mm/kasan/report.c:433\n tipc_conn_close+0x122/0x140 net/tipc/topsrv.c:165\n tipc_topsrv_stop net/tipc/topsrv.c:701 [inline]\n tipc_topsrv_exit_net+0x27b/0x5c0 net/tipc/topsrv.c:722\n ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153\n cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:553\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nAllocated by task 23:\n kmem_cache_alloc_trace+0x12f/0x380 mm/slab.c:3625\n kmalloc include/linux/slab.h:515 [inline]\n kzalloc include/linux/slab.h:709 [inline]\n tipc_conn_alloc+0x43/0x4f0 net/tipc/topsrv.c:192\n tipc_topsrv_accept+0x1b5/0x280 net/tipc/topsrv.c:470\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nFreed by task 23:\n __cache_free mm/slab.c:3503 [inline]\n kfree+0xcc/0x210 mm/slab.c:3822\n tipc_conn_kref_release net/tipc/topsrv.c:150 [inline]\n kref_put include/linux/kref.h:70 [inline]\n conn_put+0x2cd/0x3a0 net/tipc/topsrv.c:155\n process_one_work+0x864/0x1570 kernel/workqueue.c:2153\n worker_thread+0x64c/0x1130 kernel/workqueue.c:2296\n kthread+0x33f/0x460 kernel/kthread.c:259\n ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415\n\nThe buggy address belongs to the object at ffff888099305a00\n which belongs to the cache kmalloc-512 of size 512\nThe buggy address is located 8 bytes inside of\n 512-byte region [ffff888099305a00, ffff888099305c00)\nThe buggy address belongs to the page:\npage:ffffea000264c140 count:1 mapcount:0 mapping:ffff88813bff0940 index:0x0\nflags: 0xfff00000000100(slab)\nraw: 00fff00000000100 ffffea00028b6b88 ffffea0002cd2b08 ffff88813bff0940\nraw: 0000000000000000 ffff888099305000 0000000100000006 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888099305900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n\u003effff888099305a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888099305a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888099305b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38464",
"url": "https://www.suse.com/security/cve/CVE-2025-38464"
},
{
"category": "external",
"summary": "SUSE Bug 1247112 for CVE-2025-38464",
"url": "https://bugzilla.suse.com/1247112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38464"
},
{
"cve": "CVE-2025-38472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack: fix crash due to removal of uninitialised entry\n\nA crash in conntrack was reported while trying to unlink the conntrack\nentry from the hash bucket list:\n [exception RIP: __nf_ct_delete_from_lists+172]\n [..]\n #7 [ff539b5a2b043aa0] nf_ct_delete at ffffffffc124d421 [nf_conntrack]\n #8 [ff539b5a2b043ad0] nf_ct_gc_expired at ffffffffc124d999 [nf_conntrack]\n #9 [ff539b5a2b043ae0] __nf_conntrack_find_get at ffffffffc124efbc [nf_conntrack]\n [..]\n\nThe nf_conn struct is marked as allocated from slab but appears to be in\na partially initialised state:\n\n ct hlist pointer is garbage; looks like the ct hash value\n (hence crash).\n ct-\u003estatus is equal to IPS_CONFIRMED|IPS_DYING, which is expected\n ct-\u003etimeout is 30000 (=30s), which is unexpected.\n\nEverything else looks like normal udp conntrack entry. If we ignore\nct-\u003estatus and pretend its 0, the entry matches those that are newly\nallocated but not yet inserted into the hash:\n - ct hlist pointers are overloaded and store/cache the raw tuple hash\n - ct-\u003etimeout matches the relative time expected for a new udp flow\n rather than the absolute \u0027jiffies\u0027 value.\n\nIf it were not for the presence of IPS_CONFIRMED,\n__nf_conntrack_find_get() would have skipped the entry.\n\nTheory is that we did hit following race:\n\ncpu x \t\t\tcpu y\t\t\tcpu z\n found entry E\t\tfound entry E\n E is expired\t\t\u003cpreemption\u003e\n nf_ct_delete()\n return E to rcu slab\n\t\t\t\t\tinit_conntrack\n\t\t\t\t\tE is re-inited,\n\t\t\t\t\tct-\u003estatus set to 0\n\t\t\t\t\treply tuplehash hnnode.pprev\n\t\t\t\t\tstores hash value.\n\ncpu y found E right before it was deleted on cpu x.\nE is now re-inited on cpu z. cpu y was preempted before\nchecking for expiry and/or confirm bit.\n\n\t\t\t\t\t-\u003erefcnt set to 1\n\t\t\t\t\tE now owned by skb\n\t\t\t\t\t-\u003etimeout set to 30000\n\nIf cpu y were to resume now, it would observe E as\nexpired but would skip E due to missing CONFIRMED bit.\n\n\t\t\t\t\tnf_conntrack_confirm gets called\n\t\t\t\t\tsets: ct-\u003estatus |= CONFIRMED\n\t\t\t\t\tThis is wrong: E is not yet added\n\t\t\t\t\tto hashtable.\n\ncpu y resumes, it observes E as expired but CONFIRMED:\n\t\t\t\u003cresumes\u003e\n\t\t\tnf_ct_expired()\n\t\t\t -\u003e yes (ct-\u003etimeout is 30s)\n\t\t\tconfirmed bit set.\n\ncpu y will try to delete E from the hashtable:\n\t\t\tnf_ct_delete() -\u003e set DYING bit\n\t\t\t__nf_ct_delete_from_lists\n\nEven this scenario doesn\u0027t guarantee a crash:\ncpu z still holds the table bucket lock(s) so y blocks:\n\n\t\t\twait for spinlock held by z\n\n\t\t\t\t\tCONFIRMED is set but there is no\n\t\t\t\t\tguarantee ct will be added to hash:\n\t\t\t\t\t\"chaintoolong\" or \"clash resolution\"\n\t\t\t\t\tlogic both skip the insert step.\n\t\t\t\t\treply hnnode.pprev still stores the\n\t\t\t\t\thash value.\n\n\t\t\t\t\tunlocks spinlock\n\t\t\t\t\treturn NF_DROP\n\t\t\t\u003cunblocks, then\n\t\t\t crashes on hlist_nulls_del_rcu pprev\u003e\n\nIn case CPU z does insert the entry into the hashtable, cpu y will unlink\nE again right away but no crash occurs.\n\nWithout \u0027cpu y\u0027 race, \u0027garbage\u0027 hlist is of no consequence:\nct refcnt remains at 1, eventually skb will be free\u0027d and E gets\ndestroyed via: nf_conntrack_put -\u003e nf_conntrack_destroy -\u003e nf_ct_destroy.\n\nTo resolve this, move the IPS_CONFIRMED assignment after the table\ninsertion but before the unlock.\n\nPablo points out that the confirm-bit-store could be reordered to happen\nbefore hlist add resp. the timeout fixup, so switch to set_bit and\nbefore_atomic memory barrier to prevent this.\n\nIt doesn\u0027t matter if other CPUs can observe a newly inserted entry right\nbefore the CONFIRMED bit was set:\n\nSuch event cannot be distinguished from above \"E is the old incarnation\"\ncase: the entry will be skipped.\n\nAlso change nf_ct_should_gc() to first check the confirmed bit.\n\nThe gc sequence is:\n 1. Check if entry has expired, if not skip to next entry\n 2. Obtain a reference to the expired entry.\n 3. Call nf_ct_should_gc() to double-check step 1.\n\nnf_ct_should_gc() is thus called only for entries that already failed an\nexpiry check. After this patch, once the confirmed bit check pas\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38472",
"url": "https://www.suse.com/security/cve/CVE-2025-38472"
},
{
"category": "external",
"summary": "SUSE Bug 1247313 for CVE-2025-38472",
"url": "https://bugzilla.suse.com/1247313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38490",
"url": "https://www.suse.com/security/cve/CVE-2025-38490"
},
{
"category": "external",
"summary": "SUSE Bug 1247243 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247243"
},
{
"category": "external",
"summary": "SUSE Bug 1247384 for CVE-2025-38490",
"url": "https://bugzilla.suse.com/1247384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: make fallback action and fallback decision atomic\n\nSyzkaller reported the following splat:\n\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 check_fully_established net/mptcp/options.c:982 [inline]\n WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Modules linked in:\n CPU: 1 UID: 0 PID: 7704 Comm: syz.3.1419 Not tainted 6.16.0-rc3-gbd5ce2324dba #20 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:__mptcp_do_fallback net/mptcp/protocol.h:1223 [inline]\n RIP: 0010:mptcp_do_fallback net/mptcp/protocol.h:1244 [inline]\n RIP: 0010:check_fully_established net/mptcp/options.c:982 [inline]\n RIP: 0010:mptcp_incoming_options+0x21a8/0x2510 net/mptcp/options.c:1153\n Code: 24 18 e8 bb 2a 00 fd e9 1b df ff ff e8 b1 21 0f 00 e8 ec 5f c4 fc 44 0f b7 ac 24 b0 00 00 00 e9 54 f1 ff ff e8 d9 5f c4 fc 90 \u003c0f\u003e 0b 90 e9 b8 f4 ff ff e8 8b 2a 00 fd e9 8d e6 ff ff e8 81 2a 00\n RSP: 0018:ffff8880a3f08448 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff8880180a8000 RCX: ffffffff84afcf45\n RDX: ffff888090223700 RSI: ffffffff84afdaa7 RDI: 0000000000000001\n RBP: ffff888017955780 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff8880180a8910 R14: ffff8880a3e9d058 R15: 0000000000000000\n FS: 00005555791b8500(0000) GS:ffff88811c495000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000110c2800b7 CR3: 0000000058e44000 CR4: 0000000000350ef0\n Call Trace:\n \u003cIRQ\u003e\n tcp_reset+0x26f/0x2b0 net/ipv4/tcp_input.c:4432\n tcp_validate_incoming+0x1057/0x1b60 net/ipv4/tcp_input.c:5975\n tcp_rcv_established+0x5b5/0x21f0 net/ipv4/tcp_input.c:6166\n tcp_v4_do_rcv+0x5dc/0xa70 net/ipv4/tcp_ipv4.c:1925\n tcp_v4_rcv+0x3473/0x44a0 net/ipv4/tcp_ipv4.c:2363\n ip_protocol_deliver_rcu+0xba/0x480 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2f1/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_local_deliver+0x1be/0x560 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:469 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:447 [inline]\n NF_HOOK include/linux/netfilter.h:317 [inline]\n NF_HOOK include/linux/netfilter.h:311 [inline]\n ip_rcv+0x514/0x810 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:5975\n __netif_receive_skb+0x1f/0x120 net/core/dev.c:6088\n process_backlog+0x301/0x1360 net/core/dev.c:6440\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7453\n napi_poll net/core/dev.c:7517 [inline]\n net_rx_action+0xb44/0x1010 net/core/dev.c:7644\n handle_softirqs+0x1d0/0x770 kernel/softirq.c:579\n do_softirq+0x3f/0x90 kernel/softirq.c:480\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0xed/0x110 kernel/softirq.c:407\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n inet_csk_listen_stop+0x2c5/0x1070 net/ipv4/inet_connection_sock.c:1524\n mptcp_check_listen_stop.part.0+0x1cc/0x220 net/mptcp/protocol.c:2985\n mptcp_check_listen_stop net/mptcp/mib.h:118 [inline]\n __mptcp_close+0x9b9/0xbd0 net/mptcp/protocol.c:3000\n mptcp_close+0x2f/0x140 net/mptcp/protocol.c:3066\n inet_release+0xed/0x200 net/ipv4/af_inet.c:435\n inet6_release+0x4f/0x70 net/ipv6/af_inet6.c:487\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x402/0xb70 fs/file_table.c:465\n task_work_run+0x150/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xd4\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38491",
"url": "https://www.suse.com/security/cve/CVE-2025-38491"
},
{
"category": "external",
"summary": "SUSE Bug 1247280 for CVE-2025-38491",
"url": "https://bugzilla.suse.com/1247280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: interface: fix use-after-free after changing collect_md xfrm interface\n\ncollect_md property on xfrm interfaces can only be set on device creation,\nthus xfrmi_changelink() should fail when called on such interfaces.\n\nThe check to enforce this was done only in the case where the xi was\nreturned from xfrmi_locate() which doesn\u0027t look for the collect_md\ninterface, and thus the validation was never reached.\n\nCalling changelink would thus errornously place the special interface xi\nin the xfrmi_net-\u003exfrmi hash, but since it also exists in the\nxfrmi_net-\u003ecollect_md_xfrmi pointer it would lead to a double free when\nthe net namespace was taken down [1].\n\nChange the check to use the xi from netdev_priv which is available earlier\nin the function to prevent changes in xfrm collect_md interfaces.\n\n[1] resulting oops:\n[ 8.516540] kernel BUG at net/core/dev.c:12029!\n[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)\n[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 8.516569] Workqueue: netns cleanup_net\n[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0\n[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 \u003c0f\u003e 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24\n[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206\n[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60\n[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122\n[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100\n[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00\n[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00\n[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000\n[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0\n[ 8.516625] PKRU: 55555554\n[ 8.516627] Call Trace:\n[ 8.516632] \u003cTASK\u003e\n[ 8.516635] ? rtnl_is_locked+0x15/0x20\n[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0\n[ 8.516650] ops_undo_list+0x1f2/0x220\n[ 8.516659] cleanup_net+0x1ad/0x2e0\n[ 8.516664] process_one_work+0x160/0x380\n[ 8.516673] worker_thread+0x2aa/0x3c0\n[ 8.516679] ? __pfx_worker_thread+0x10/0x10\n[ 8.516686] kthread+0xfb/0x200\n[ 8.516690] ? __pfx_kthread+0x10/0x10\n[ 8.516693] ? __pfx_kthread+0x10/0x10\n[ 8.516697] ret_from_fork+0x82/0xf0\n[ 8.516705] ? __pfx_kthread+0x10/0x10\n[ 8.516709] ret_from_fork_asm+0x1a/0x30\n[ 8.516718] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38500",
"url": "https://www.suse.com/security/cve/CVE-2025-38500"
},
{
"category": "external",
"summary": "SUSE Bug 1248088 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248088"
},
{
"category": "external",
"summary": "SUSE Bug 1248672 for CVE-2025-38500",
"url": "https://bugzilla.suse.com/1248672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38500"
},
{
"cve": "CVE-2025-38503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion when building free space tree\n\nWhen building the free space tree with the block group tree feature\nenabled, we can hit an assertion failure like this:\n\n BTRFS info (device loop0 state M): rebuilding free space tree\n assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1102!\n Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n Modules linked in:\n CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102\n sp : ffff8000a4ce7600\n x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8\n x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001\n x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160\n x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff\n x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0\n x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff\n x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00\n x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001\n x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0\n x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e\n Call trace:\n populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)\n btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337\n btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074\n btrfs_remount_rw fs/btrfs/super.c:1319 [inline]\n btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543\n reconfigure_super+0x1d4/0x6f0 fs/super.c:1083\n do_remount fs/namespace.c:3365 [inline]\n path_mount+0xb34/0xde0 fs/namespace.c:4200\n do_mount fs/namespace.c:4221 [inline]\n __do_sys_mount fs/namespace.c:4432 [inline]\n __se_sys_mount fs/namespace.c:4409 [inline]\n __arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n Code: f0047182 91178042 528089c3 9771d47b (d4210000)\n ---[ end trace 0000000000000000 ]---\n\nThis happens because we are processing an empty block group, which has\nno extents allocated from it, there are no items for this block group,\nincluding the block group item since block group items are stored in a\ndedicated tree when using the block group tree feature. It also means\nthis is the block group with the highest start offset, so there are no\nhigher keys in the extent root, hence btrfs_search_slot_for_read()\nreturns 1 (no higher key found).\n\nFix this by asserting \u0027ret\u0027 is 0 only if the block group tree feature\nis not enabled, in which case we should find a block group item for\nthe block group since it\u0027s stored in the extent root and block group\nitem keys are greater than extent item keys (the value for\nBTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and\nBTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).\nIn case \u0027ret\u0027 is 1, we just need to add a record to the free space\ntree which spans the whole block group, and we can achieve this by\nmaking \u0027ret == 0\u0027 as the while loop\u0027s condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38503",
"url": "https://www.suse.com/security/cve/CVE-2025-38503"
},
{
"category": "external",
"summary": "SUSE Bug 1248183 for CVE-2025-38503",
"url": "https://bugzilla.suse.com/1248183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38503"
},
{
"cve": "CVE-2025-38506",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38506"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Allow CPU to reschedule while setting per-page memory attributes\n\nWhen running an SEV-SNP guest with a sufficiently large amount of memory (1TB+),\nthe host can experience CPU soft lockups when running an operation in\nkvm_vm_set_mem_attributes() to set memory attributes on the whole\nrange of guest memory.\n\nwatchdog: BUG: soft lockup - CPU#8 stuck for 26s! [qemu-kvm:6372]\nCPU: 8 UID: 0 PID: 6372 Comm: qemu-kvm Kdump: loaded Not tainted 6.15.0-rc7.20250520.el9uek.rc1.x86_64 #1 PREEMPT(voluntary)\nHardware name: Oracle Corporation ORACLE SERVER E4-2c/Asm,MB Tray,2U,E4-2c, BIOS 78016600 11/13/2024\nRIP: 0010:xas_create+0x78/0x1f0\nCode: 00 00 00 41 80 fc 01 0f 84 82 00 00 00 ba 06 00 00 00 bd 06 00 00 00 49 8b 45 08 4d 8d 65 08 41 39 d6 73 20 83 ed 06 48 85 c0 \u003c74\u003e 67 48 89 c2 83 e2 03 48 83 fa 02 75 0c 48 3d 00 10 00 00 0f 87\nRSP: 0018:ffffad890a34b940 EFLAGS: 00000286\nRAX: ffff96f30b261daa RBX: ffffad890a34b9c8 RCX: 0000000000000000\nRDX: 000000000000001e RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000000000018 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffad890a356868\nR13: ffffad890a356860 R14: 0000000000000000 R15: ffffad890a356868\nFS: 00007f5578a2a400(0000) GS:ffff97ed317e1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f015c70fb18 CR3: 00000001109fd006 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n xas_store+0x58/0x630\n __xa_store+0xa5/0x130\n xa_store+0x2c/0x50\n kvm_vm_set_mem_attributes+0x343/0x710 [kvm]\n kvm_vm_ioctl+0x796/0xab0 [kvm]\n __x64_sys_ioctl+0xa3/0xd0\n do_syscall_64+0x8c/0x7a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f5578d031bb\nCode: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2d 4c 0f 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffe0a742b88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000000004020aed2 RCX: 00007f5578d031bb\nRDX: 00007ffe0a742c80 RSI: 000000004020aed2 RDI: 000000000000000b\nRBP: 0000010000000000 R08: 0000010000000000 R09: 0000017680000000\nR10: 0000000000000080 R11: 0000000000000246 R12: 00005575e5f95120\nR13: 00007ffe0a742c80 R14: 0000000000000008 R15: 00005575e5f961e0\n\nWhile looping through the range of memory setting the attributes,\ncall cond_resched() to give the scheduler a chance to run a higher\npriority task on the runqueue if necessary and avoid staying in\nkernel mode long enough to trigger the lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38506",
"url": "https://www.suse.com/security/cve/CVE-2025-38506"
},
{
"category": "external",
"summary": "SUSE Bug 1248186 for CVE-2025-38506",
"url": "https://bugzilla.suse.com/1248186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "low"
}
],
"title": "CVE-2025-38506"
},
{
"cve": "CVE-2025-38510",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38510"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkasan: remove kasan_find_vm_area() to prevent possible deadlock\n\nfind_vm_area() couldn\u0027t be called in atomic_context. If find_vm_area() is\ncalled to reports vm area information, kasan can trigger deadlock like:\n\nCPU0 CPU1\nvmalloc();\n alloc_vmap_area();\n spin_lock(\u0026vn-\u003ebusy.lock)\n spin_lock_bh(\u0026some_lock);\n \u003cinterrupt occurs\u003e\n \u003cin softirq\u003e\n spin_lock(\u0026some_lock);\n \u003caccess invalid address\u003e\n kasan_report();\n print_report();\n print_address_description();\n kasan_find_vm_area();\n find_vm_area();\n spin_lock(\u0026vn-\u003ebusy.lock) // deadlock!\n\nTo prevent possible deadlock while kasan reports, remove kasan_find_vm_area().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38510",
"url": "https://www.suse.com/security/cve/CVE-2025-38510"
},
{
"category": "external",
"summary": "SUSE Bug 1248166 for CVE-2025-38510",
"url": "https://bugzilla.suse.com/1248166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38510"
},
{
"cve": "CVE-2025-38511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/pf: Clear all LMTT pages on alloc\n\nOur LMEM buffer objects are not cleared by default on alloc\nand during VF provisioning we only setup LMTT PTEs for the\nactually provisioned LMEM range. But beyond that valid range\nwe might leave some stale data that could either point to some\nother VFs allocations or even to the PF pages.\n\nExplicitly clear all new LMTT page to avoid the risk that a\nmalicious VF would try to exploit that gap.\n\nWhile around add asserts to catch any undesired PTE overwrites\nand low-level debug traces to track LMTT PT life-cycle.\n\n(cherry picked from commit 3fae6918a3e27cce20ded2551f863fb05d4bef8d)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38511",
"url": "https://www.suse.com/security/cve/CVE-2025-38511"
},
{
"category": "external",
"summary": "SUSE Bug 1248175 for CVE-2025-38511",
"url": "https://bugzilla.suse.com/1248175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38511"
},
{
"cve": "CVE-2025-38512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: prevent A-MSDU attacks in mesh networks\n\nThis patch is a mitigation to prevent the A-MSDU spoofing vulnerability\nfor mesh networks. The initial update to the IEEE 802.11 standard, in\nresponse to the FragAttacks, missed this case (CVE-2025-27558). It can\nbe considered a variant of CVE-2020-24588 but for mesh networks.\n\nThis patch tries to detect if a standard MSDU was turned into an A-MSDU\nby an adversary. This is done by parsing a received A-MSDU as a standard\nMSDU, calculating the length of the Mesh Control header, and seeing if\nthe 6 bytes after this header equal the start of an rfc1042 header. If\nequal, this is a strong indication of an ongoing attack attempt.\n\nThis defense was tested with mac80211_hwsim against a mesh network that\nuses an empty Mesh Address Extension field, i.e., when four addresses\nare used, and when using a 12-byte Mesh Address Extension field, i.e.,\nwhen six addresses are used. Functionality of normal MSDUs and A-MSDUs\nwas also tested, and confirmed working, when using both an empty and\n12-byte Mesh Address Extension field.\n\nIt was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh\nnetworks keep being detected and prevented.\n\nNote that the vulnerability being patched, and the defense being\nimplemented, was also discussed in the following paper and in the\nfollowing IEEE 802.11 presentation:\n\nhttps://papers.mathyvanhoef.com/wisec2025.pdf\nhttps://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38512",
"url": "https://www.suse.com/security/cve/CVE-2025-38512"
},
{
"category": "external",
"summary": "SUSE Bug 1248178 for CVE-2025-38512",
"url": "https://bugzilla.suse.com/1248178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38512"
},
{
"cve": "CVE-2025-38513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()\n\nThere is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For\nexample, the following is possible:\n\n \tT0\t\t\t \t\tT1\nzd_mac_tx_to_dev()\n /* len == skb_queue_len(q) */\n while (len \u003e ZD_MAC_MAX_ACK_WAITERS) {\n\n\t\t\t\t\t filter_ack()\n\t\t\t\t\t spin_lock_irqsave(\u0026q-\u003elock, flags);\n\t\t\t\t\t /* position == skb_queue_len(q) */\n\t\t\t\t\t for (i=1; i\u003cposition; i++)\n\t\t\t\t \t skb = __skb_dequeue(q)\n\n\t\t\t\t\t if (mac-\u003etype == NL80211_IFTYPE_AP)\n\t\t\t\t\t skb = __skb_dequeue(q);\n\t\t\t\t\t spin_unlock_irqrestore(\u0026q-\u003elock, flags);\n\n skb_dequeue() -\u003e NULL\n\nSince there is a small gap between checking skb queue length and skb being\nunconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.\nThen the pointer is passed to zd_mac_tx_status() where it is dereferenced.\n\nIn order to avoid potential NULL pointer dereference due to situations like\nabove, check if skb is not NULL before passing it to zd_mac_tx_status().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38513",
"url": "https://www.suse.com/security/cve/CVE-2025-38513"
},
{
"category": "external",
"summary": "SUSE Bug 1248179 for CVE-2025-38513",
"url": "https://bugzilla.suse.com/1248179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38513"
},
{
"cve": "CVE-2025-38515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Increment job count before swapping tail spsc queue\n\nA small race exists between spsc_queue_push and the run-job worker, in\nwhich spsc_queue_push may return not-first while the run-job worker has\nalready idled due to the job count being zero. If this race occurs, job\nscheduling stops, leading to hangs while waiting on the job\u0027s DMA\nfences.\n\nSeal this race by incrementing the job count before appending to the\nSPSC queue.\n\nThis race was observed on a drm-tip 6.16-rc1 build with the Xe driver in\nan SVM test case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38515",
"url": "https://www.suse.com/security/cve/CVE-2025-38515"
},
{
"category": "external",
"summary": "SUSE Bug 1248212 for CVE-2025-38515",
"url": "https://bugzilla.suse.com/1248212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38515"
},
{
"cve": "CVE-2025-38516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: qcom: msm: mark certain pins as invalid for interrupts\n\nOn some platforms, the UFS-reset pin has no interrupt logic in TLMM but\nis nevertheless registered as a GPIO in the kernel. This enables the\nuser-space to trigger a BUG() in the pinctrl-msm driver by running, for\nexample: `gpiomon -c 0 113` on RB2.\n\nThe exact culprit is requesting pins whose intr_detection_width setting\nis not 1 or 2 for interrupts. This hits a BUG() in\nmsm_gpio_irq_set_type(). Potentially crashing the kernel due to an\ninvalid request from user-space is not optimal, so let\u0027s go through the\npins and mark those that would fail the check as invalid for the irq chip\nas we should not even register them as available irqs.\n\nThis function can be extended if we determine that there are more\ncorner-cases like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38516",
"url": "https://www.suse.com/security/cve/CVE-2025-38516"
},
{
"category": "external",
"summary": "SUSE Bug 1248209 for CVE-2025-38516",
"url": "https://bugzilla.suse.com/1248209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38516"
},
{
"cve": "CVE-2025-38520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Don\u0027t call mmput from MMU notifier callback\n\nIf the process is exiting, the mmput inside mmu notifier callback from\ncompactd or fork or numa balancing could release the last reference\nof mm struct to call exit_mmap and free_pgtable, this triggers deadlock\nwith below backtrace.\n\nThe deadlock will leak kfd process as mmu notifier release is not called\nand cause VRAM leaking.\n\nThe fix is to take mm reference mmget_non_zero when adding prange to the\ndeferred list to pair with mmput in deferred list work.\n\nIf prange split and add into pchild list, the pchild work_item.mm is not\nused, so remove the mm parameter from svm_range_unmap_split and\nsvm_range_add_child.\n\nThe backtrace of hung task:\n\n INFO: task python:348105 blocked for more than 64512 seconds.\n Call Trace:\n __schedule+0x1c3/0x550\n schedule+0x46/0xb0\n rwsem_down_write_slowpath+0x24b/0x4c0\n unlink_anon_vmas+0xb1/0x1c0\n free_pgtables+0xa9/0x130\n exit_mmap+0xbc/0x1a0\n mmput+0x5a/0x140\n svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]\n mn_itree_invalidate+0x72/0xc0\n __mmu_notifier_invalidate_range_start+0x48/0x60\n try_to_unmap_one+0x10fa/0x1400\n rmap_walk_anon+0x196/0x460\n try_to_unmap+0xbb/0x210\n migrate_page_unmap+0x54d/0x7e0\n migrate_pages_batch+0x1c3/0xae0\n migrate_pages_sync+0x98/0x240\n migrate_pages+0x25c/0x520\n compact_zone+0x29d/0x590\n compact_zone_order+0xb6/0xf0\n try_to_compact_pages+0xbe/0x220\n __alloc_pages_direct_compact+0x96/0x1a0\n __alloc_pages_slowpath+0x410/0x930\n __alloc_pages_nodemask+0x3a9/0x3e0\n do_huge_pmd_anonymous_page+0xd7/0x3e0\n __handle_mm_fault+0x5e3/0x5f0\n handle_mm_fault+0xf7/0x2e0\n hmm_vma_fault.isra.0+0x4d/0xa0\n walk_pmd_range.isra.0+0xa8/0x310\n walk_pud_range+0x167/0x240\n walk_pgd_range+0x55/0x100\n __walk_page_range+0x87/0x90\n walk_page_range+0xf6/0x160\n hmm_range_fault+0x4f/0x90\n amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]\n amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]\n init_user_pages+0xb1/0x2a0 [amdgpu]\n amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]\n kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]\n kfd_ioctl+0x29d/0x500 [amdgpu]\n\n(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38520",
"url": "https://www.suse.com/security/cve/CVE-2025-38520"
},
{
"category": "external",
"summary": "SUSE Bug 1248217 for CVE-2025-38520",
"url": "https://bugzilla.suse.com/1248217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38520"
},
{
"cve": "CVE-2025-38521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: Fix kernel crash when hard resetting the GPU\n\nThe GPU hard reset sequence calls pm_runtime_force_suspend() and\npm_runtime_force_resume(), which according to their documentation should\nonly be used during system-wide PM transitions to sleep states.\n\nThe main issue though is that depending on some internal runtime PM\nstate as seen by pm_runtime_force_suspend() (whether the usage count is\n\u003c= 1), pm_runtime_force_resume() might not resume the device unless\nneeded. If that happens, the runtime PM resume callback\npvr_power_device_resume() is not called, the GPU clocks are not\nre-enabled, and the kernel crashes on the next attempt to access GPU\nregisters as part of the power-on sequence.\n\nReplace calls to pm_runtime_force_suspend() and\npm_runtime_force_resume() with direct calls to the driver\u0027s runtime PM\ncallbacks, pvr_power_device_suspend() and pvr_power_device_resume(),\nto ensure clocks are re-enabled and avoid the kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38521",
"url": "https://www.suse.com/security/cve/CVE-2025-38521"
},
{
"category": "external",
"summary": "SUSE Bug 1248232 for CVE-2025-38521",
"url": "https://bugzilla.suse.com/1248232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38521"
},
{
"cve": "CVE-2025-38524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix recv-recv race of completed call\n\nIf a call receives an event (such as incoming data), the call gets placed\non the socket\u0027s queue and a thread in recvmsg can be awakened to go and\nprocess it. Once the thread has picked up the call off of the queue,\nfurther events will cause it to be requeued, and once the socket lock is\ndropped (recvmsg uses call-\u003euser_mutex to allow the socket to be used in\nparallel), a second thread can come in and its recvmsg can pop the call off\nthe socket queue again.\n\nIn such a case, the first thread will be receiving stuff from the call and\nthe second thread will be blocked on call-\u003euser_mutex. The first thread\ncan, at this point, process both the event that it picked call for and the\nevent that the second thread picked the call for and may see the call\nterminate - in which case the call will be \"released\", decoupling the call\nfrom the user call ID assigned to it (RXRPC_USER_CALL_ID in the control\nmessage).\n\nThe first thread will return okay, but then the second thread will wake up\nholding the user_mutex and, if it sees that the call has been released by\nthe first thread, it will BUG thusly:\n\n\tkernel BUG at net/rxrpc/recvmsg.c:474!\n\nFix this by just dequeuing the call and ignoring it if it is seen to be\nalready released. We can\u0027t tell userspace about it anyway as the user call\nID has become stale.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38524",
"url": "https://www.suse.com/security/cve/CVE-2025-38524"
},
{
"category": "external",
"summary": "SUSE Bug 1248194 for CVE-2025-38524",
"url": "https://bugzilla.suse.com/1248194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38524"
},
{
"cve": "CVE-2025-38528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject %p% format string in bprintf-like helpers\n\nstatic const char fmt[] = \"%p%\";\n bpf_trace_printk(fmt, sizeof(fmt));\n\nThe above BPF program isn\u0027t rejected and causes a kernel warning at\nruntime:\n\n Please remove unsupported %\\x00 in format string\n WARNING: CPU: 1 PID: 7244 at lib/vsprintf.c:2680 format_decode+0x49c/0x5d0\n\nThis happens because bpf_bprintf_prepare skips over the second %,\ndetected as punctuation, while processing %p. This patch fixes it by\nnot skipping over punctuation. %\\x00 is then processed in the next\niteration and rejected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38528",
"url": "https://www.suse.com/security/cve/CVE-2025-38528"
},
{
"category": "external",
"summary": "SUSE Bug 1248198 for CVE-2025-38528",
"url": "https://bugzilla.suse.com/1248198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38528"
},
{
"cve": "CVE-2025-38529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 0xdcfc) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38529",
"url": "https://www.suse.com/security/cve/CVE-2025-38529"
},
{
"category": "external",
"summary": "SUSE Bug 1248196 for CVE-2025-38529",
"url": "https://bugzilla.suse.com/1248196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38529"
},
{
"cve": "CVE-2025-38530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 \u003c\u003c it-\u003eoptions[1]) \u0026 board-\u003eirq_bits) {\n\nHowever, `it-\u003eoptions[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it-\u003eoptions[1]` to be within bounds before proceeding with\nthe original test. Valid `it-\u003eoptions[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38530",
"url": "https://www.suse.com/security/cve/CVE-2025-38530"
},
{
"category": "external",
"summary": "SUSE Bug 1248206 for CVE-2025-38530",
"url": "https://bugzilla.suse.com/1248206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38530"
},
{
"cve": "CVE-2025-38531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38531"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: common: st_sensors: Fix use of uninitialize device structs\n\nThroughout the various probe functions \u0026indio_dev-\u003edev is used before it\nis initialized. This caused a kernel panic in st_sensors_power_enable()\nwhen the call to devm_regulator_bulk_get_enable() fails and then calls\ndev_err_probe() with the uninitialized device.\n\nThis seems to only cause a panic with dev_err_probe(), dev_err(),\ndev_warn() and dev_info() don\u0027t seem to cause a panic, but are fixed\nas well.\n\nThe issue is reported and traced here: [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38531",
"url": "https://www.suse.com/security/cve/CVE-2025-38531"
},
{
"category": "external",
"summary": "SUSE Bug 1248205 for CVE-2025-38531",
"url": "https://bugzilla.suse.com/1248205"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38531"
},
{
"cve": "CVE-2025-38535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode\n\nWhen transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code\nassumed that the regulator should be disabled. However, if the regulator\nis marked as always-on, regulator_is_enabled() continues to return true,\nleading to an incorrect attempt to disable a regulator which is not\nenabled.\n\nThis can result in warnings such as:\n\n[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004\n_regulator_disable+0xe4/0x1a0\n[ 250.155652] unbalanced disables for VIN_SYS_5V0\n\nTo fix this, we move the regulator control logic into\ntegra186_xusb_padctl_id_override() function since it\u0027s directly related\nto the ID override state. The regulator is now only disabled when the role\ntransitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID\nregister. This ensures that regulator enable/disable operations are\nproperly balanced and only occur when actually transitioning to/from host\nmode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38535",
"url": "https://www.suse.com/security/cve/CVE-2025-38535"
},
{
"category": "external",
"summary": "SUSE Bug 1248240 for CVE-2025-38535",
"url": "https://bugzilla.suse.com/1248240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38535"
},
{
"cve": "CVE-2025-38537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Don\u0027t register LEDs for genphy\n\nIf a PHY has no driver, the genphy driver is probed/removed directly in\nphy_attach/detach. If the PHY\u0027s ofnode has an \"leds\" subnode, then the\nLEDs will be (un)registered when probing/removing the genphy driver.\nThis could occur if the leds are for a non-generic driver that isn\u0027t\nloaded for whatever reason. Synchronously removing the PHY device in\nphy_detach leads to the following deadlock:\n\nrtnl_lock()\nndo_close()\n ...\n phy_detach()\n phy_remove()\n phy_leds_unregister()\n led_classdev_unregister()\n led_trigger_set()\n netdev_trigger_deactivate()\n unregister_netdevice_notifier()\n rtnl_lock()\n\nThere is a corresponding deadlock on the open/register side of things\n(and that one is reported by lockdep), but it requires a race while this\none is deterministic.\n\nGeneric PHYs do not support LEDs anyway, so don\u0027t bother registering\nthem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38537",
"url": "https://www.suse.com/security/cve/CVE-2025-38537"
},
{
"category": "external",
"summary": "SUSE Bug 1248229 for CVE-2025-38537",
"url": "https://bugzilla.suse.com/1248229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38537"
},
{
"cve": "CVE-2025-38538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf-\u003echan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we\u0027re\ncopying data from the irqbuf[] array into the nbpf-\u003echan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don\u0027t go beyond the\nend of the irqbuf[] array. I\u0027m pretty sure this can\u0027t happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn\u0027t in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38538",
"url": "https://www.suse.com/security/cve/CVE-2025-38538"
},
{
"category": "external",
"summary": "SUSE Bug 1248213 for CVE-2025-38538",
"url": "https://bugzilla.suse.com/1248213"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38538"
},
{
"cve": "CVE-2025-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras\n\nThe Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 \u0026 04F2:B82C)\nreport a HID sensor interface that is not actually implemented.\nAttempting to access this non-functional sensor via iio_info causes\nsystem hangs as runtime PM tries to wake up an unresponsive sensor.\n\nAdd these 2 devices to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38540",
"url": "https://www.suse.com/security/cve/CVE-2025-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1248208 for CVE-2025-38540",
"url": "https://bugzilla.suse.com/1248208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38540"
},
{
"cve": "CVE-2025-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()\n\ndevm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()\ndoes not check for this case, which results in a NULL pointer\ndereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38541",
"url": "https://www.suse.com/security/cve/CVE-2025-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1248216 for CVE-2025-38541",
"url": "https://bugzilla.suse.com/1248216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38541"
},
{
"cve": "CVE-2025-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: nvdec: Fix dma_alloc_coherent error check\n\nCheck for NULL return value with dma_alloc_coherent, in line with\nRobin\u0027s fix for vic.c in \u0027drm/tegra: vic: Fix DMA API misuse\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38543",
"url": "https://www.suse.com/security/cve/CVE-2025-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1248214 for CVE-2025-38543",
"url": "https://bugzilla.suse.com/1248214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38543"
},
{
"cve": "CVE-2025-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix memory leak of struct clip_vcc.\n\nioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to\nvcc-\u003euser_back.\n\nThe code assumes that vcc_destroy_socket() passes NULL skb\nto vcc-\u003epush() when the socket is close()d, and then clip_push()\nfrees clip_vcc.\n\nHowever, ioctl(ATMARPD_CTRL) sets NULL to vcc-\u003epush() in\natm_init_atmarp(), resulting in memory leak.\n\nLet\u0027s serialise two ioctl() by lock_sock() and check vcc-\u003epush()\nin atm_init_atmarp() to prevent memleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38546",
"url": "https://www.suse.com/security/cve/CVE-2025-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1248223 for CVE-2025-38546",
"url": "https://bugzilla.suse.com/1248223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38546"
},
{
"cve": "CVE-2025-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38548",
"url": "https://www.suse.com/security/cve/CVE-2025-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1248228 for CVE-2025-38548",
"url": "https://bugzilla.suse.com/1248228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38548"
},
{
"cve": "CVE-2025-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: Delay put pmc-\u003eidev in mld_del_delrec()\n\npmc-\u003eidev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()\ndoes, the reference should be put after ip6_mc_clear_src() return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38550",
"url": "https://www.suse.com/security/cve/CVE-2025-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1248227 for CVE-2025-38550",
"url": "https://bugzilla.suse.com/1248227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38550"
},
{
"cve": "CVE-2025-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Restrict conditions for adding duplicating netems to qdisc tree\n\nnetem_enqueue\u0027s duplication prevention logic breaks when a netem\nresides in a qdisc tree with other netems - this can lead to a\nsoft lockup and OOM loop in netem_dequeue, as seen in [1].\nEnsure that a duplicating netem cannot exist in a tree with other\nnetems.\n\nPrevious approaches suggested in discussions in chronological order:\n\n1) Track duplication status or ttl in the sk_buff struct. Considered\ntoo specific a use case to extend such a struct, though this would\nbe a resilient fix and address other previous and potential future\nDOS bugs like the one described in loopy fun [2].\n\n2) Restrict netem_enqueue recursion depth like in act_mirred with a\nper cpu variable. However, netem_dequeue can call enqueue on its\nchild, and the depth restriction could be bypassed if the child is a\nnetem.\n\n3) Use the same approach as in 2, but add metadata in netem_skb_cb\nto handle the netem_dequeue case and track a packet\u0027s involvement\nin duplication. This is an overly complex approach, and Jamal\nnotes that the skb cb can be overwritten to circumvent this\nsafeguard.\n\n4) Prevent the addition of a netem to a qdisc tree if its ancestral\npath contains a netem. However, filters and actions can cause a\npacket to change paths when re-enqueued to the root from netem\nduplication, leading us to the current solution: prevent a\nduplicating netem from inhabiting the same tree as other netems.\n\n[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/\n[2] https://lwn.net/Articles/719297/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38553",
"url": "https://www.suse.com/security/cve/CVE-2025-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1248255 for CVE-2025-38553",
"url": "https://bugzilla.suse.com/1248255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38553"
},
{
"cve": "CVE-2025-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget : fix use-after-free in composite_dev_cleanup()\n\n1. In func configfs_composite_bind() -\u003e composite_os_desc_req_prepare():\nif kmalloc fails, the pointer cdev-\u003eos_desc_req will be freed but not\nset to NULL. Then it will return a failure to the upper-level function.\n2. in func configfs_composite_bind() -\u003e composite_dev_cleanup():\nit will checks whether cdev-\u003eos_desc_req is NULL. If it is not NULL, it\nwill attempt to use it.This will lead to a use-after-free issue.\n\nBUG: KASAN: use-after-free in composite_dev_cleanup+0xf4/0x2c0\nRead of size 8 at addr 0000004827837a00 by task init/1\n\nCPU: 10 PID: 1 Comm: init Tainted: G O 5.10.97-oh #1\n kasan_report+0x188/0x1cc\n __asan_load8+0xb4/0xbc\n composite_dev_cleanup+0xf4/0x2c0\n configfs_composite_bind+0x210/0x7ac\n udc_bind_to_driver+0xb4/0x1ec\n usb_gadget_probe_driver+0xec/0x21c\n gadget_dev_desc_UDC_store+0x264/0x27c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38555",
"url": "https://www.suse.com/security/cve/CVE-2025-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1248297 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248297"
},
{
"category": "external",
"summary": "SUSE Bug 1248298 for CVE-2025-38555",
"url": "https://bugzilla.suse.com/1248298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38555"
},
{
"cve": "CVE-2025-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sev: Evict cache lines during SNP memory validation\n\nAn SNP cache coherency vulnerability requires a cache line eviction\nmitigation when validating memory after a page state change to private.\nThe specific mitigation is to touch the first and last byte of each 4K\npage that is being validated. There is no need to perform the mitigation\nwhen performing a page state change to shared and rescinding validation.\n\nCPUID bit Fn8000001F_EBX[31] defines the COHERENCY_SFW_NO CPUID bit\nthat, when set, indicates that the software mitigation for this\nvulnerability is not needed.\n\nImplement the mitigation and invoke it when validating memory (making it\nprivate) and the COHERENCY_SFW_NO bit is not set, indicating the SNP\nguest is vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38560",
"url": "https://www.suse.com/security/cve/CVE-2025-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1248312 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248312"
},
{
"category": "external",
"summary": "SUSE Bug 1248313 for CVE-2025-38560",
"url": "https://bugzilla.suse.com/1248313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38560"
},
{
"cve": "CVE-2025-38563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()\u0027ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38563",
"url": "https://www.suse.com/security/cve/CVE-2025-38563"
},
{
"category": "external",
"summary": "SUSE Bug 1248306 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248306"
},
{
"category": "external",
"summary": "SUSE Bug 1248307 for CVE-2025-38563",
"url": "https://bugzilla.suse.com/1248307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38563"
},
{
"cve": "CVE-2025-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Exit early on perf_mmap() fail\n\nWhen perf_mmap() fails to allocate a buffer, it still invokes the\nevent_mapped() callback of the related event. On X86 this might increase\nthe perf_rdpmc_allowed reference counter. But nothing undoes this as\nperf_mmap_close() is never called in this case, which causes another\nreference count leak.\n\nReturn early on failure to prevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38565",
"url": "https://www.suse.com/security/cve/CVE-2025-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1248377 for CVE-2025-38565",
"url": "https://bugzilla.suse.com/1248377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "low"
}
],
"title": "CVE-2025-38565"
},
{
"cve": "CVE-2025-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix handling of server side tls alerts\n\nScott Mayhew discovered a security exploit in NFS over TLS in\ntls_alert_recv() due to its assumption it can read data from\nthe msg iterator\u0027s kvec..\n\nkTLS implementation splits TLS non-data record payload between\nthe control message buffer (which includes the type such as TLS\naler or TLS cipher change) and the rest of the payload (say TLS\nalert\u0027s level/description) which goes into the msg payload buffer.\n\nThis patch proposes to rework how control messages are setup and\nused by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a\nkvec backed msg buffer and read in the control message such as a\nTLS alert. Msg iterator can advance the kvec pointer as a part of\nthe copy process thus we need to revert the iterator before calling\ninto the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38566",
"url": "https://www.suse.com/security/cve/CVE-2025-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1248374 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248374"
},
{
"category": "external",
"summary": "SUSE Bug 1248376 for CVE-2025-38566",
"url": "https://bugzilla.suse.com/1248376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38566"
},
{
"cve": "CVE-2025-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: mqprio: fix stack out-of-bounds write in tc entry parsing\n\nTCA_MQPRIO_TC_ENTRY_INDEX is validated using\nNLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value\nTC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack\nwrite in the fp[] array, which only has room for 16 elements (0-15).\n\nFix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38568",
"url": "https://www.suse.com/security/cve/CVE-2025-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1248386 for CVE-2025-38568",
"url": "https://bugzilla.suse.com/1248386"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38568"
},
{
"cve": "CVE-2025-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix client side handling of tls alerts\n\nA security exploit was discovered in NFS over TLS in tls_alert_recv\ndue to its assumption that there is valid data in the msghdr\u0027s\niterator\u0027s kvec.\n\nInstead, this patch proposes the rework how control messages are\nsetup and used by sock_recvmsg().\n\nIf no control message structure is setup, kTLS layer will read and\nprocess TLS data record types. As soon as it encounters a TLS control\nmessage, it would return an error. At that point, NFS can setup a kvec\nbacked control buffer and read in the control message such as a TLS\nalert. Scott found that a msg iterator can advance the kvec pointer\nas a part of the copy process thus we need to revert the iterator\nbefore calling into the tls_alert_recv.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38571",
"url": "https://www.suse.com/security/cve/CVE-2025-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1248401 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248401"
},
{
"category": "external",
"summary": "SUSE Bug 1248402 for CVE-2025-38571",
"url": "https://bugzilla.suse.com/1248402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38571"
},
{
"cve": "CVE-2025-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb-\u003etransport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \u003cTASK\u003e\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38572",
"url": "https://www.suse.com/security/cve/CVE-2025-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1248399 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248399"
},
{
"category": "external",
"summary": "SUSE Bug 1248400 for CVE-2025-38572",
"url": "https://bugzilla.suse.com/1248400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38572"
},
{
"cve": "CVE-2025-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/eeh: Make EEH driver device hotplug safe\n\nMultiple race conditions existed between the PCIe hotplug driver and the\nEEH driver, leading to a variety of kernel oopses of the same general\nnature:\n\n\u003cpcie device unplug\u003e\n\u003ceeh driver trigger\u003e\n\u003chotplug removal trigger\u003e\n\u003cpcie tree reconfiguration\u003e\n\u003ceeh recovery next step\u003e\n\u003coops in EEH driver bus iteration loop\u003e\n\nA second class of oops is also seen when the underlying bus disappears\nduring device recovery.\n\nRefactor the EEH module to be PCI rescan and remove safe. Also clean\nup a few minor formatting / readability issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38576",
"url": "https://www.suse.com/security/cve/CVE-2025-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1248354 for CVE-2025-38576",
"url": "https://bugzilla.suse.com/1248354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38576"
},
{
"cve": "CVE-2025-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Fix crash when rebind ccp device for ccp.ko\n\nWhen CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding\nthe ccp device causes the following crash:\n\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/unbind\n$ echo \u00270000:0a:00.2\u0027 \u003e /sys/bus/pci/drivers/ccp/bind\n\n[ 204.976930] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 204.978026] #PF: supervisor write access in kernel mode\n[ 204.979126] #PF: error_code(0x0002) - not-present page\n[ 204.980226] PGD 0 P4D 0\n[ 204.981317] Oops: Oops: 0002 [#1] SMP NOPTI\n...\n[ 204.997852] Call Trace:\n[ 204.999074] \u003cTASK\u003e\n[ 205.000297] start_creating+0x9f/0x1c0\n[ 205.001533] debugfs_create_dir+0x1f/0x170\n[ 205.002769] ? srso_return_thunk+0x5/0x5f\n[ 205.004000] ccp5_debugfs_setup+0x87/0x170 [ccp]\n[ 205.005241] ccp5_init+0x8b2/0x960 [ccp]\n[ 205.006469] ccp_dev_init+0xd4/0x150 [ccp]\n[ 205.007709] sp_init+0x5f/0x80 [ccp]\n[ 205.008942] sp_pci_probe+0x283/0x2e0 [ccp]\n[ 205.010165] ? srso_return_thunk+0x5/0x5f\n[ 205.011376] local_pci_probe+0x4f/0xb0\n[ 205.012584] pci_device_probe+0xdb/0x230\n[ 205.013810] really_probe+0xed/0x380\n[ 205.015024] __driver_probe_device+0x7e/0x160\n[ 205.016240] device_driver_attach+0x2f/0x60\n[ 205.017457] bind_store+0x7c/0xb0\n[ 205.018663] drv_attr_store+0x28/0x40\n[ 205.019868] sysfs_kf_write+0x5f/0x70\n[ 205.021065] kernfs_fop_write_iter+0x145/0x1d0\n[ 205.022267] vfs_write+0x308/0x440\n[ 205.023453] ksys_write+0x6d/0xe0\n[ 205.024616] __x64_sys_write+0x1e/0x30\n[ 205.025778] x64_sys_call+0x16ba/0x2150\n[ 205.026942] do_syscall_64+0x56/0x1e0\n[ 205.028108] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 205.029276] RIP: 0033:0x7fbc36f10104\n[ 205.030420] Code: 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8d 05 e1 08 2e 00 8b 00 85 c0 75 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 f3 c3 66 90 41 54 55 49 89 d4 53 48 89 f5\n\nThis patch sets ccp_debugfs_dir to NULL after destroying it in\nccp5_debugfs_destroy, allowing the directory dentry to be\nrecreated when rebinding the ccp device.\n\nTested on AMD Ryzen 7 1700X.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38581",
"url": "https://www.suse.com/security/cve/CVE-2025-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1248345 for CVE-2025-38581",
"url": "https://bugzilla.suse.com/1248345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38581"
},
{
"cve": "CVE-2025-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix double destruction of rsv_qp\n\nrsv_qp may be double destroyed in error flow, first in free_mr_init(),\nand then in hns_roce_exit(). Fix it by moving the free_mr_init() call\ninto hns_roce_v2_init().\n\nlist_del corruption, ffff589732eb9b50-\u003enext is LIST_POISON1 (dead000000000100)\nWARNING: CPU: 8 PID: 1047115 at lib/list_debug.c:53 __list_del_entry_valid+0x148/0x240\n...\nCall trace:\n __list_del_entry_valid+0x148/0x240\n hns_roce_qp_remove+0x4c/0x3f0 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp_common+0x1dc/0x5f4 [hns_roce_hw_v2]\n hns_roce_v2_destroy_qp+0x22c/0x46c [hns_roce_hw_v2]\n free_mr_exit+0x6c/0x120 [hns_roce_hw_v2]\n hns_roce_v2_exit+0x170/0x200 [hns_roce_hw_v2]\n hns_roce_exit+0x118/0x350 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x1c8/0x304 [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify_init+0x170/0x21c [hns_roce_hw_v2]\n hns_roce_hw_v2_reset_notify+0x6c/0x190 [hns_roce_hw_v2]\n hclge_notify_roce_client+0x6c/0x160 [hclge]\n hclge_reset_rebuild+0x150/0x5c0 [hclge]\n hclge_reset+0x10c/0x140 [hclge]\n hclge_reset_subtask+0x80/0x104 [hclge]\n hclge_reset_service_task+0x168/0x3ac [hclge]\n hclge_service_task+0x50/0x100 [hclge]\n process_one_work+0x250/0x9a0\n worker_thread+0x324/0x990\n kthread+0x190/0x210\n ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38582",
"url": "https://www.suse.com/security/cve/CVE-2025-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1248349 for CVE-2025-38582",
"url": "https://bugzilla.suse.com/1248349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38582"
},
{
"cve": "CVE-2025-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: xilinx: vcu: unregister pll_post only if registered correctly\n\nIf registration of pll_post is failed, it will be set to NULL or ERR,\nunregistering same will fail with following call trace:\n\nUnable to handle kernel NULL pointer dereference at virtual address 008\npc : clk_hw_unregister+0xc/0x20\nlr : clk_hw_unregister_fixed_factor+0x18/0x30\nsp : ffff800011923850\n...\nCall trace:\n clk_hw_unregister+0xc/0x20\n clk_hw_unregister_fixed_factor+0x18/0x30\n xvcu_unregister_clock_provider+0xcc/0xf4 [xlnx_vcu]\n xvcu_probe+0x2bc/0x53c [xlnx_vcu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38583",
"url": "https://www.suse.com/security/cve/CVE-2025-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1248350 for CVE-2025-38583",
"url": "https://bugzilla.suse.com/1248350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38583"
},
{
"cve": "CVE-2025-38585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()\n\nWhen gmin_get_config_var() calls efi.get_variable() and the EFI variable\nis larger than the expected buffer size, two behaviors combine to create\na stack buffer overflow:\n\n1. gmin_get_config_var() does not return the proper error code when\n efi.get_variable() fails. It returns the stale \u0027ret\u0027 value from\n earlier operations instead of indicating the EFI failure.\n\n2. When efi.get_variable() returns EFI_BUFFER_TOO_SMALL, it updates\n *out_len to the required buffer size but writes no data to the output\n buffer. However, due to bug #1, gmin_get_var_int() believes the call\n succeeded.\n\nThe caller gmin_get_var_int() then performs:\n- Allocates val[CFG_VAR_NAME_MAX + 1] (65 bytes) on stack\n- Calls gmin_get_config_var(dev, is_gmin, var, val, \u0026len) with len=64\n- If EFI variable is \u003e64 bytes, efi.get_variable() sets len=required_size\n- Due to bug #1, thinks call succeeded with len=required_size\n- Executes val[len] = 0, writing past end of 65-byte stack buffer\n\nThis creates a stack buffer overflow when EFI variables are larger than\n64 bytes. Since EFI variables can be controlled by firmware or system\nconfiguration, this could potentially be exploited for code execution.\n\nFix the bug by returning proper error codes from gmin_get_config_var()\nbased on EFI status instead of stale \u0027ret\u0027 value.\n\nThe gmin_get_var_int() function is called during device initialization\nfor camera sensor configuration on Intel Bay Trail and Cherry Trail\nplatforms using the atomisp camera stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38585",
"url": "https://www.suse.com/security/cve/CVE-2025-38585"
},
{
"category": "external",
"summary": "SUSE Bug 1248355 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248355"
},
{
"category": "external",
"summary": "SUSE Bug 1248671 for CVE-2025-38585",
"url": "https://bugzilla.suse.com/1248671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38585"
},
{
"cve": "CVE-2025-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38587",
"url": "https://www.suse.com/security/cve/CVE-2025-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1248361 for CVE-2025-38587",
"url": "https://bugzilla.suse.com/1248361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38587"
},
{
"cve": "CVE-2025-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent infinite loop in rt6_nlmsg_size()\n\nWhile testing prior patch, I was able to trigger\nan infinite loop in rt6_nlmsg_size() in the following place:\n\nlist_for_each_entry_rcu(sibling, \u0026f6i-\u003efib6_siblings,\n\t\t\tfib6_siblings) {\n\trt6_nh_nlmsg_size(sibling-\u003efib6_nh, \u0026nexthop_len);\n}\n\nThis is because fib6_del_route() and fib6_add_rt2node()\nuses list_del_rcu(), which can confuse rcu readers,\nbecause they might no longer see the head of the list.\n\nRestart the loop if f6i-\u003efib6_nsiblings is zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38588",
"url": "https://www.suse.com/security/cve/CVE-2025-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1248368 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1248368"
},
{
"category": "external",
"summary": "SUSE Bug 1249241 for CVE-2025-38588",
"url": "https://bugzilla.suse.com/1249241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38588"
},
{
"cve": "CVE-2025-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38591",
"url": "https://www.suse.com/security/cve/CVE-2025-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1248363 for CVE-2025-38591",
"url": "https://bugzilla.suse.com/1248363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: clear initialized flag for deinit-ed srng lists\n\nIn a number of cases we see kernel panics on resume due\nto ath11k kernel page fault, which happens under the\nfollowing circumstances:\n\n1) First ath11k_hal_dump_srng_stats() call\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 22511ms before\n ath11k_pci 0000:01:00.0: group_id 1 14440788ms before\n [..]\n ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..\n ath11k_pci 0000:01:00.0: Service connect timeout\n ath11k_pci 0000:01:00.0: failed to connect to HTT: -110\n ath11k_pci 0000:01:00.0: failed to start core: -110\n ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM\n ath11k_pci 0000:01:00.0: already resetting count 2\n ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110\n ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110\n ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery\n [..]\n\n2) At this point reconfiguration fails (we have 2 resets) and\n ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()\n which destroys srng lists. However, it does not reset per-list\n -\u003einitialized flag.\n\n3) Second ath11k_hal_dump_srng_stats() call sees stale -\u003einitialized\n flag and attempts to dump srng stats:\n\n Last interrupt received for each group:\n ath11k_pci 0000:01:00.0: group_id 0 66785ms before\n ath11k_pci 0000:01:00.0: group_id 1 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 2 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 3 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 4 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 5 14780845ms before\n ath11k_pci 0000:01:00.0: group_id 6 14485062ms before\n ath11k_pci 0000:01:00.0: group_id 7 66814ms before\n ath11k_pci 0000:01:00.0: group_id 8 68997ms before\n ath11k_pci 0000:01:00.0: group_id 9 67588ms before\n ath11k_pci 0000:01:00.0: group_id 10 69511ms before\n BUG: unable to handle page fault for address: ffffa007404eb010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0xae/0xb0\n ? page_fault_oops+0x381/0x3e0\n ? exc_page_fault+0x69/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]\n ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]\n worker_thread+0x389/0x930\n kthread+0x149/0x170\n\nClear per-list -\u003einitialized flag in ath11k_hal_srng_deinit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38601",
"url": "https://www.suse.com/security/cve/CVE-2025-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1248340 for CVE-2025-38601",
"url": "https://bugzilla.suse.com/1248340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38601"
},
{
"cve": "CVE-2025-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Add missing check for alloc_ordered_workqueue\n\nAdd check for the return value of alloc_ordered_workqueue since it may\nreturn NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38602",
"url": "https://www.suse.com/security/cve/CVE-2025-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1248341 for CVE-2025-38602",
"url": "https://bugzilla.suse.com/1248341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38602"
},
{
"cve": "CVE-2025-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl818x: Kill URBs before clearing tx status queue\n\nIn rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing\nb_tx_status.queue. This change prevents callbacks from using already freed\nskb due to anchor was not killed before freeing such skb.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000080\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015\n RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]\n Call Trace:\n \u003cIRQ\u003e\n rtl8187_tx_cb+0x116/0x150 [rtl8187]\n __usb_hcd_giveback_urb+0x9d/0x120\n usb_giveback_urb_bh+0xbb/0x140\n process_one_work+0x19b/0x3c0\n bh_worker+0x1a7/0x210\n tasklet_action+0x10/0x30\n handle_softirqs+0xf0/0x340\n __irq_exit_rcu+0xcd/0xf0\n common_interrupt+0x85/0xa0\n \u003c/IRQ\u003e\n\nTested on RTL8187BvE device.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38604",
"url": "https://www.suse.com/security/cve/CVE-2025-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1248333 for CVE-2025-38604",
"url": "https://bugzilla.suse.com/1248333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38604"
},
{
"cve": "CVE-2025-38605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()\n\nIn ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to\nretrieve the ab pointer. In vdev delete sequence the arvif-\u003ear could\nbecome NULL and that would trigger kernel panic.\nSince the caller ath12k_dp_tx() already has a valid ab pointer, pass it\ndirectly to avoid panic and unnecessary dereferencing.\n\nPC points to \"ath12k_dp_tx+0x228/0x988 [ath12k]\"\nLR points to \"ath12k_dp_tx+0xc8/0x988 [ath12k]\".\nThe Backtrace obtained is as follows:\nath12k_dp_tx+0x228/0x988 [ath12k]\nath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k]\nieee80211_process_measurement_req+0x320/0x348 [mac80211]\nieee80211_tx_dequeue+0x9ac/0x1518 [mac80211]\nieee80211_tx_dequeue+0xb14/0x1518 [mac80211]\nieee80211_tx_prepare_skb+0x224/0x254 [mac80211]\nieee80211_xmit+0xec/0x100 [mac80211]\n__ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211]\nieee80211_subif_start_xmit+0x2e8/0x308 [mac80211]\nnetdev_start_xmit+0x150/0x18c\ndev_hard_start_xmit+0x74/0xc0\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38605",
"url": "https://www.suse.com/security/cve/CVE-2025-38605"
},
{
"category": "external",
"summary": "SUSE Bug 1248334 for CVE-2025-38605",
"url": "https://bugzilla.suse.com/1248334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38605"
},
{
"cve": "CVE-2025-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls\n\nWhen sending plaintext data, we initially calculated the corresponding\nciphertext length. However, if we later reduced the plaintext data length\nvia socket policy, we failed to recalculate the ciphertext length.\n\nThis results in transmitting buffers containing uninitialized data during\nciphertext transmission.\n\nThis causes uninitialized bytes to be appended after a complete\n\"Application Data\" packet, leading to errors on the receiving end when\nparsing TLS record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38608",
"url": "https://www.suse.com/security/cve/CVE-2025-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1248338 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248338"
},
{
"category": "external",
"summary": "SUSE Bug 1248670 for CVE-2025-38608",
"url": "https://bugzilla.suse.com/1248670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38608"
},
{
"cve": "CVE-2025-38609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Check governor before using governor-\u003ename\n\nCommit 96ffcdf239de (\"PM / devfreq: Remove redundant governor_name from\nstruct devfreq\") removes governor_name and uses governor-\u003ename to replace\nit. But devfreq-\u003egovernor may be NULL and directly using\ndevfreq-\u003egovernor-\u003ename may cause null pointer exception. Move the check of\ngovernor to before using governor-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38609",
"url": "https://www.suse.com/security/cve/CVE-2025-38609"
},
{
"category": "external",
"summary": "SUSE Bug 1248337 for CVE-2025-38609",
"url": "https://bugzilla.suse.com/1248337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38609"
},
{
"cve": "CVE-2025-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()\n\nThe get_pd_power_uw() function can crash with a NULL pointer dereference\nwhen em_cpu_get() returns NULL. This occurs when a CPU becomes impossible\nduring runtime, causing get_cpu_device() to return NULL, which propagates\nthrough em_cpu_get() and leads to a crash when em_span_cpus() dereferences\nthe NULL pointer.\n\nAdd a NULL check after em_cpu_get() and return 0 if unavailable,\nmatching the existing fallback behavior in __dtpm_cpu_setup().\n\n[ rjw: Drop an excess empty code line ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38610",
"url": "https://www.suse.com/security/cve/CVE-2025-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1248395 for CVE-2025-38610",
"url": "https://bugzilla.suse.com/1248395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38610"
},
{
"cve": "CVE-2025-38612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()\n\nIn the error paths after fb_info structure is successfully allocated,\nthe memory allocated in fb_deferred_io_init() for info-\u003epagerefs is not\nfreed. Fix that by adding the cleanup function on the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38612",
"url": "https://www.suse.com/security/cve/CVE-2025-38612"
},
{
"category": "external",
"summary": "SUSE Bug 1248390 for CVE-2025-38612",
"url": "https://bugzilla.suse.com/1248390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38612"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: make rdev_addable usable for rcu mode\n\nOur testcase trigger panic:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000e0\n...\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ #94\nPREEMPT(none)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nWorkqueue: md_misc md_start_sync\nRIP: 0010:rdev_addable+0x4d/0xf0\n...\nCall Trace:\n \u003cTASK\u003e\n md_start_sync+0x329/0x480\n process_one_work+0x226/0x6d0\n worker_thread+0x19e/0x340\n kthread+0x10f/0x250\n ret_from_fork+0x14d/0x180\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nModules linked in: raid10\nCR2: 00000000000000e0\n---[ end trace 0000000000000000 ]---\nRIP: 0010:rdev_addable+0x4d/0xf0\n\nmd_spares_need_change in md_start_sync will call rdev_addable which\nprotected by rcu_read_lock/rcu_read_unlock. This rcu context will help\nprotect rdev won\u0027t be released, but rdev-\u003emddev will be set to NULL\nbefore we call synchronize_rcu in md_kick_rdev_from_array. Fix this by\nusing READ_ONCE and check does rdev-\u003emddev still alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38621",
"url": "https://www.suse.com/security/cve/CVE-2025-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1248609 for CVE-2025-38621",
"url": "https://bugzilla.suse.com/1248609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38621"
},
{
"cve": "CVE-2025-38624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38624"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Clean up allocated IRQs on unplug\n\nWhen the root of a nested PCIe bridge configuration is unplugged, the\npnv_php driver leaked the allocated IRQ resources for the child bridges\u0027\nhotplug event notifications, resulting in a panic.\n\nFix this by walking all child buses and deallocating all its IRQ resources\nbefore calling pci_hp_remove_devices().\n\nAlso modify the lifetime of the workqueue at struct pnv_php_slot::wq so\nthat it is only destroyed in pnv_php_free_slot(), instead of\npnv_php_disable_irq(). This is required since pnv_php_disable_irq() will\nnow be called by workers triggered by hot unplug interrupts, so the\nworkqueue needs to stay allocated.\n\nThe abridged kernel panic that occurs without this patch is as follows:\n\n WARNING: CPU: 0 PID: 687 at kernel/irq/msi.c:292 msi_device_data_release+0x6c/0x9c\n CPU: 0 UID: 0 PID: 687 Comm: bash Not tainted 6.14.0-rc5+ #2\n Call Trace:\n msi_device_data_release+0x34/0x9c (unreliable)\n release_nodes+0x64/0x13c\n devres_release_all+0xc0/0x140\n device_del+0x2d4/0x46c\n pci_destroy_dev+0x5c/0x194\n pci_hp_remove_devices+0x90/0x128\n pci_hp_remove_devices+0x44/0x128\n pnv_php_disable_slot+0x54/0xd4\n power_write_file+0xf8/0x18c\n pci_slot_attr_store+0x40/0x5c\n sysfs_kf_write+0x64/0x78\n kernfs_fop_write_iter+0x1b0/0x290\n vfs_write+0x3bc/0x50c\n ksys_write+0x84/0x140\n system_call_exception+0x124/0x230\n system_call_vectored_common+0x15c/0x2ec\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38624",
"url": "https://www.suse.com/security/cve/CVE-2025-38624"
},
{
"category": "external",
"summary": "SUSE Bug 1248617 for CVE-2025-38624",
"url": "https://bugzilla.suse.com/1248617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38624"
},
{
"cve": "CVE-2025-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref\n\nfb_add_videomode() can fail with -ENOMEM when its internal kmalloc() cannot\nallocate a struct fb_modelist. If that happens, the modelist stays empty but\nthe driver continues to register. Add a check for its return value to prevent\npoteintial null-ptr-deref, which is similar to the commit 17186f1f90d3 (\"fbdev:\nFix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38630",
"url": "https://www.suse.com/security/cve/CVE-2025-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1248575 for CVE-2025-38630",
"url": "https://bugzilla.suse.com/1248575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38630"
},
{
"cve": "CVE-2025-38632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinmux: fix race causing mux_owner NULL with active mux_usecount\n\ncommit 5a3e85c3c397 (\"pinmux: Use sequential access to access\ndesc-\u003epinmux data\") tried to address the issue when two client of the\nsame gpio calls pinctrl_select_state() for the same functionality, was\nresulting in NULL pointer issue while accessing desc-\u003emux_owner.\nHowever, issue was not completely fixed due to the way it was handled\nand it can still result in the same NULL pointer.\n\nThe issue occurs due to the following interleaving:\n\n cpu0 (process A) cpu1 (process B)\n\n pin_request() { pin_free() {\n\n mutex_lock()\n desc-\u003emux_usecount--; //becomes 0\n ..\n mutex_unlock()\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_usecount++; // becomes 1\n desc-\u003emux_owner = owner;\n mutex_unlock(desc-\u003emux)\n\n mutex_lock(desc-\u003emux)\n desc-\u003emux_owner = NULL;\n mutex_unlock(desc-\u003emux)\n\nThis sequence leads to a state where the pin appears to be in use\n(`mux_usecount == 1`) but has no owner (`mux_owner == NULL`), which can\ncause NULL pointer on next pin_request on the same pin.\n\nEnsure that updates to mux_usecount and mux_owner are performed\natomically under the same lock. Only clear mux_owner when mux_usecount\nreaches zero and no new owner has been assigned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38632",
"url": "https://www.suse.com/security/cve/CVE-2025-38632"
},
{
"category": "external",
"summary": "SUSE Bug 1248669 for CVE-2025-38632",
"url": "https://bugzilla.suse.com/1248669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38632"
},
{
"cve": "CVE-2025-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: cpcap-charger: Fix null check for power_supply_get_by_name\n\nIn the cpcap_usb_detect() function, the power_supply_get_by_name()\nfunction may return `NULL` instead of an error pointer.\nTo prevent potential null pointer dereferences, Added a null check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38634",
"url": "https://www.suse.com/security/cve/CVE-2025-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1248666 for CVE-2025-38634",
"url": "https://bugzilla.suse.com/1248666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38634"
},
{
"cve": "CVE-2025-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: davinci: Add NULL check in davinci_lpsc_clk_register()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\ndavinci_lpsc_clk_register() does not check for this case, which results\nin a NULL pointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue and ensuring\nno resources are left allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38635",
"url": "https://www.suse.com/security/cve/CVE-2025-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1248573 for CVE-2025-38635",
"url": "https://bugzilla.suse.com/1248573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38635"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
},
{
"cve": "CVE-2025-38646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band\n\nWith a quite rare chance, RX report might be problematic to make SW think\na packet is received on 6 GHz band even if the chip does not support 6 GHz\nband actually. Since SW won\u0027t initialize stuffs for unsupported bands, NULL\ndereference will happen then in the sequence, rtw89_vif_rx_stats_iter() -\u003e\nrtw89_core_cancel_6ghz_probe_tx(). So, add a check to avoid it.\n\nThe following is a crash log for this case.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000032\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 1907 Comm: irq/131-rtw89_p Tainted: G U 6.6.56-05896-g89f5fb0eb30b #1 (HASH:1400 4)\n Hardware name: Google Telith/Telith, BIOS Google_Telith.15217.747.0 11/12/2024\n RIP: 0010:rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core]\n Code: 4c 89 7d c8 48 89 55 c0 49 8d 44 24 02 48 89 45 b8 45 31 ff eb 11\n 41 c6 45 3a 01 41 b7 01 4d 8b 6d 00 4d 39 f5 74 42 8b 43 10 \u003c41\u003e 33 45\n 32 0f b7 4b 14 66 41 33 4d 36 0f b7 c9 09 c1 74 d8 4d 85\n RSP: 0018:ffff9f3080138ca0 EFLAGS: 00010246\n RAX: 00000000b8bf5770 RBX: ffff91b5e8c639c0 RCX: 0000000000000011\n RDX: ffff91b582de1be8 RSI: 0000000000000000 RDI: ffff91b5e8c639e6\n RBP: ffff9f3080138d00 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff91b59de70000 R11: ffffffffc069be50 R12: ffff91b5e8c639e4\n R13: 0000000000000000 R14: ffff91b5828020b8 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff91b8efa40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000032 CR3: 00000002bf838000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __die_body+0x68/0xb0\n ? page_fault_oops+0x379/0x3e0\n ? exc_page_fault+0x4f/0xa0\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? rtw89_vif_rx_stats_iter+0xd2/0x310 [rtw89_core (HASH:1400 5)]\n __iterate_interfaces+0x59/0x110 [mac80211 (HASH:1400 6)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ? __pfx_rtw89_vif_rx_stats_iter+0x10/0x10 [rtw89_core (HASH:1400 5)]\n ieee80211_iterate_active_interfaces_atomic+0x36/0x50 [mac80211 (HASH:1400 6)]\n rtw89_core_rx_to_mac80211+0xfd/0x1b0 [rtw89_core (HASH:1400 5)]\n rtw89_core_rx+0x43a/0x980 [rtw89_core (HASH:1400 5)]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38646",
"url": "https://www.suse.com/security/cve/CVE-2025-38646"
},
{
"category": "external",
"summary": "SUSE Bug 1248577 for CVE-2025-38646",
"url": "https://bugzilla.suse.com/1248577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38646"
},
{
"cve": "CVE-2025-38650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: remove mutex_lock check in hfsplus_free_extents\n\nSyzbot reported an issue in hfsplus filesystem:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346\n\thfsplus_free_extents+0x700/0xad0\nCall Trace:\n\u003cTASK\u003e\nhfsplus_file_truncate+0x768/0xbb0 fs/hfsplus/extents.c:606\nhfsplus_write_begin+0xc2/0xd0 fs/hfsplus/inode.c:56\ncont_expand_zero fs/buffer.c:2383 [inline]\ncont_write_begin+0x2cf/0x860 fs/buffer.c:2446\nhfsplus_write_begin+0x86/0xd0 fs/hfsplus/inode.c:52\ngeneric_cont_expand_simple+0x151/0x250 fs/buffer.c:2347\nhfsplus_setattr+0x168/0x280 fs/hfsplus/inode.c:263\nnotify_change+0xe38/0x10f0 fs/attr.c:420\ndo_truncate+0x1fb/0x2e0 fs/open.c:65\ndo_sys_ftruncate+0x2eb/0x380 fs/open.c:193\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTo avoid deadlock, Commit 31651c607151 (\"hfsplus: avoid deadlock\non file truncation\") unlock extree before hfsplus_free_extents(),\nand add check wheather extree is locked in hfsplus_free_extents().\n\nHowever, when operations such as hfsplus_file_release,\nhfsplus_setattr, hfsplus_unlink, and hfsplus_get_block are executed\nconcurrently in different files, it is very likely to trigger the\nWARN_ON, which will lead syzbot and xfstest to consider it as an\nabnormality.\n\nThe comment above this warning also describes one of the easy\ntriggering situations, which can easily trigger and cause\nxfstest\u0026syzbot to report errors.\n\n[task A]\t\t\t[task B]\n-\u003ehfsplus_file_release\n -\u003ehfsplus_file_truncate\n -\u003ehfs_find_init\n -\u003emutex_lock\n -\u003emutex_unlock\n\t\t\t\t-\u003ehfsplus_write_begin\n\t\t\t\t -\u003ehfsplus_get_block\n\t\t\t\t -\u003ehfsplus_file_extend\n\t\t\t\t -\u003ehfsplus_ext_read_extent\n\t\t\t\t -\u003ehfs_find_init\n\t\t\t\t\t -\u003emutex_lock\n -\u003ehfsplus_free_extents\n WARN_ON(mutex_is_locked) !!!\n\nSeveral threads could try to lock the shared extents tree.\nAnd warning can be triggered in one thread when another thread\nhas locked the tree. This is the wrong behavior of the code and\nwe need to remove the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38650",
"url": "https://www.suse.com/security/cve/CVE-2025-38650"
},
{
"category": "external",
"summary": "SUSE Bug 1248746 for CVE-2025-38650",
"url": "https://bugzilla.suse.com/1248746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38650"
},
{
"cve": "CVE-2025-38656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()\n\nPreserve the error code if iwl_setup_deferred_work() fails. The current\ncode returns ERR_PTR(0) (which is NULL) on this path. I believe the\nmissing error code potentially leads to a use after free involving\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38656",
"url": "https://www.suse.com/security/cve/CVE-2025-38656"
},
{
"category": "external",
"summary": "SUSE Bug 1248643 for CVE-2025-38656",
"url": "https://bugzilla.suse.com/1248643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38656"
},
{
"cve": "CVE-2025-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: reject invalid file types when reading inodes\n\nTo prevent inodes with invalid file types from tripping through the vfs\nand causing malfunctions or assertion failures, add a missing sanity check\nwhen reading an inode from a block device. If the file type is not valid,\ntreat it as a filesystem error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38663",
"url": "https://www.suse.com/security/cve/CVE-2025-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1248636 for CVE-2025-38663",
"url": "https://bugzilla.suse.com/1248636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38663"
},
{
"cve": "CVE-2025-38665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode\n\nAndrei Lalaev reported a NULL pointer deref when a CAN device is\nrestarted from Bus Off and the driver does not implement the struct\ncan_priv::do_set_mode callback.\n\nThere are 2 code path that call struct can_priv::do_set_mode:\n- directly by a manual restart from the user space, via\n can_changelink()\n- delayed automatic restart after bus off (deactivated by default)\n\nTo prevent the NULL pointer deference, refuse a manual restart or\nconfigure the automatic restart delay in can_changelink() and report\nthe error via extack to user space.\n\nAs an additional safety measure let can_restart() return an error if\ncan_priv::do_set_mode is not set instead of dereferencing it\nunchecked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38665",
"url": "https://www.suse.com/security/cve/CVE-2025-38665"
},
{
"category": "external",
"summary": "SUSE Bug 1248648 for CVE-2025-38665",
"url": "https://bugzilla.suse.com/1248648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38665"
},
{
"cve": "CVE-2025-38668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: fix NULL dereference on unbind due to stale coupling data\n\nFailing to reset coupling_desc.n_coupled after freeing coupled_rdevs can\nlead to NULL pointer dereference when regulators are accessed post-unbind.\n\nThis can happen during runtime PM or other regulator operations that rely\non coupling metadata.\n\nFor example, on ridesx4, unbinding the \u0027reg-dummy\u0027 platform device triggers\na panic in regulator_lock_recursive() due to stale coupling state.\n\nEnsure n_coupled is set to 0 to prevent access to invalid pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38668",
"url": "https://www.suse.com/security/cve/CVE-2025-38668"
},
{
"category": "external",
"summary": "SUSE Bug 1248647 for CVE-2025-38668",
"url": "https://bugzilla.suse.com/1248647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38668"
},
{
"cve": "CVE-2025-38670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()\n\n`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change\nto different stacks along with the Shadow Call Stack if it is enabled.\nThose two stack changes cannot be done atomically and both functions\ncan be interrupted by SErrors or Debug Exceptions which, though unlikely,\nis very much broken : if interrupted, we can end up with mismatched stacks\nand Shadow Call Stack leading to clobbered stacks.\n\nIn `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,\nbut x18 stills points to the old task\u0027s SCS. When the interrupt handler\ntries to save the task\u0027s SCS pointer, it will save the old task\nSCS pointer (x18) into the new task struct (pointed to by SP_EL0),\nclobbering it.\n\nIn `call_on_irq_stack()`, it can happen when switching from the task stack\nto the IRQ stack and when switching back. In both cases, we can be\ninterrupted when the SCS pointer points to the IRQ SCS, but SP points to\nthe task stack. The nested interrupt handler pushes its return addresses\non the IRQ SCS. It then detects that SP points to the task stack,\ncalls `call_on_irq_stack()` and clobbers the task SCS pointer with\nthe IRQ SCS pointer, which it will also use !\n\nThis leads to tasks returning to addresses on the wrong SCS,\nor even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK\nor FPAC if enabled.\n\nThis is possible on a default config, but unlikely.\nHowever, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and\ninstead the GIC is responsible for filtering what interrupts the CPU\nshould receive based on priority.\nGiven the goal of emulating NMIs, pseudo-NMIs can be received by the CPU\neven in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*\nfrequently depending on the system configuration and workload, leading\nto unpredictable kernel panics.\n\nCompletely mask DAIF in `cpu_switch_to()` and restore it when returning.\nDo the same in `call_on_irq_stack()`, but restore and mask around\nthe branch.\nMask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency\nof behaviour between all configurations.\n\nIntroduce and use an assembly macro for saving and masking DAIF,\nas the existing one saves but only masks IF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38670",
"url": "https://www.suse.com/security/cve/CVE-2025-38670"
},
{
"category": "external",
"summary": "SUSE Bug 1248655 for CVE-2025-38670",
"url": "https://bugzilla.suse.com/1248655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38670"
},
{
"cve": "CVE-2025-38671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: qup: jump out of the loop in case of timeout\n\nOriginal logic only sets the return value but doesn\u0027t jump out of the\nloop if the bus is kept active by a client. This is not expected. A\nmalicious or buggy i2c client can hang the kernel in this case and\nshould be avoided. This is observed during a long time test with a\nPCA953x GPIO extender.\n\nFix it by changing the logic to not only sets the return value, but also\njumps out of the loop and return to the caller with -ETIMEDOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38671",
"url": "https://www.suse.com/security/cve/CVE-2025-38671"
},
{
"category": "external",
"summary": "SUSE Bug 1248652 for CVE-2025-38671",
"url": "https://bugzilla.suse.com/1248652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_16-rt-1-150700.1.3.2.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.16.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.16.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-26T17:27:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-38671"
}
]
}
CERTFR-2025-AVI-0787
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | N/A | SUSE Linux Micro Extras 6.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | N/A | SUSE Linux Micro 6.1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Micro 6.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-38490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
},
{
"name": "CVE-2025-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38201"
},
{
"name": "CVE-2025-38520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38520"
},
{
"name": "CVE-2025-38588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38588"
},
{
"name": "CVE-2025-38601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38601"
},
{
"name": "CVE-2022-49053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49053"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2025-38624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38624"
},
{
"name": "CVE-2025-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38208"
},
{
"name": "CVE-2025-38524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38524"
},
{
"name": "CVE-2025-38087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38087"
},
{
"name": "CVE-2025-38646",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38646"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-38609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38609"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2025-38571",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38571"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2023-4130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4130"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2025-38538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38538"
},
{
"name": "CVE-2024-58238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58238"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2025-38587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38587"
},
{
"name": "CVE-2025-38555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38555"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38634",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38634"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38582"
},
{
"name": "CVE-2025-38543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38543"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2025-38537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38537"
},
{
"name": "CVE-2025-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38632"
},
{
"name": "CVE-2025-38548",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38548"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-38670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
},
{
"name": "CVE-2025-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38568",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38568"
},
{
"name": "CVE-2025-38583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38583"
},
{
"name": "CVE-2025-38499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38656"
},
{
"name": "CVE-2025-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38541"
},
{
"name": "CVE-2025-38530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38530"
},
{
"name": "CVE-2025-38529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38529"
},
{
"name": "CVE-2025-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38608"
},
{
"name": "CVE-2025-38650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38650"
},
{
"name": "CVE-2025-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38621"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2025-38528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38528"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38612"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38566"
},
{
"name": "CVE-2025-38663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38663"
},
{
"name": "CVE-2024-49867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49867"
},
{
"name": "CVE-2025-38665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38665"
},
{
"name": "CVE-2025-38671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38671"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-38635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38635"
},
{
"name": "CVE-2023-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3867"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38510",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38510"
},
{
"name": "CVE-2025-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
},
{
"name": "CVE-2025-38506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38506"
},
{
"name": "CVE-2025-38494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38494"
},
{
"name": "CVE-2025-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38604"
},
{
"name": "CVE-2025-38006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38006"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2024-58239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58239"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-38610",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38610"
},
{
"name": "CVE-2025-38560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38560"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-38581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38581"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-38495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38495"
},
{
"name": "CVE-2023-4515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4515"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-38576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38576"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2025-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38553"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38205"
},
{
"name": "CVE-2024-47674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47674"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2025-38531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38531"
},
{
"name": "CVE-2025-38503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38503"
},
{
"name": "CVE-2025-38630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38630"
},
{
"name": "CVE-2025-38585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38585"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2024-47706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47706"
},
{
"name": "CVE-2025-38360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38360"
},
{
"name": "CVE-2025-38512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38512"
},
{
"name": "CVE-2025-38572",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38572"
},
{
"name": "CVE-2025-38550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38550"
},
{
"name": "CVE-2025-38535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38535"
}
],
"initial_release_date": "2025-09-12T00:00:00",
"last_revision_date": "2025-09-12T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0787",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03149-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503149-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03179-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503179-1"
},
{
"published_at": "2025-09-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03100-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503100-1"
},
{
"published_at": "2025-09-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03104-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503104-1"
},
{
"published_at": "2025-08-29",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20644-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520644-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03186-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503186-1"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03108-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503108-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03165-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503165-1"
},
{
"published_at": "2025-08-29",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20642-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520642-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03156-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503156-1"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03109-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503109-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03130-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503130-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03133-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503133-1"
},
{
"published_at": "2025-09-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03106-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503106-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03180-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503180-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03182-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503182-1"
},
{
"published_at": "2025-08-29",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20640-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520640-1"
},
{
"published_at": "2025-09-05",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20653-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520653-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03146-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503146-1"
},
{
"published_at": "2025-09-01",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20646-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520646-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03181-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503181-1"
},
{
"published_at": "2025-09-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03105-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503105-1"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03126-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503126-1"
},
{
"published_at": "2025-08-29",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20643-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520643-1"
},
{
"published_at": "2025-09-01",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20647-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520647-1"
},
{
"published_at": "2025-09-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03097-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503097-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03183-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503183-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03185-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503185-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03184-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503184-1"
},
{
"published_at": "2025-09-05",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20669-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520669-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03148-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503148-1"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03110-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503110-1"
},
{
"published_at": "2025-09-01",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20648-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520648-1"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03123-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503123-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03153-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503153-1"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03111-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503111-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03154-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503154-1"
},
{
"published_at": "2025-09-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03124-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503124-1"
},
{
"published_at": "2025-09-01",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20645-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520645-1"
},
{
"published_at": "2025-08-29",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20639-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520639-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03143-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503143-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03188-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503188-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03160-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503160-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03138-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503138-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03129-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503129-1"
},
{
"published_at": "2025-08-29",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20641-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520641-1"
},
{
"published_at": "2025-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03175-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503175-1"
},
{
"published_at": "2025-09-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03135-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503135-1"
}
]
}
CERTFR-2025-AVI-0827
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 LTSS | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | Basesystem Module | Basesystem Module 15-SP6 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | Legacy Module | Legacy Module 15-SP6 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.6 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | Development Tools Module | Development Tools Module 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 LTSS | ||
| SUSE | SUSE Linux Enterprise Workstation Extension | SUSE Linux Enterprise Workstation Extension 15 SP6 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 Business Critical Linux | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP6",
"product": {
"name": "Basesystem Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3 LTS",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP6",
"product": {
"name": "Legacy Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3 LTS",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP6",
"product": {
"name": "Development Tools Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3 LTS",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-38490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
},
{
"name": "CVE-2025-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38201"
},
{
"name": "CVE-2025-38520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38520"
},
{
"name": "CVE-2025-38588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38588"
},
{
"name": "CVE-2025-38601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38601"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2025-38109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38109"
},
{
"name": "CVE-2025-38624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38624"
},
{
"name": "CVE-2025-38323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
},
{
"name": "CVE-2025-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38208"
},
{
"name": "CVE-2023-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53117"
},
{
"name": "CVE-2025-38524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38524"
},
{
"name": "CVE-2025-38646",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38646"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-38609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38609"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2025-38571",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38571"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2023-4130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4130"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2025-38538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38538"
},
{
"name": "CVE-2024-58238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58238"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2025-38587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38587"
},
{
"name": "CVE-2025-38555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38555"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21755"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38634",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38634"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38582"
},
{
"name": "CVE-2025-38543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38543"
},
{
"name": "CVE-2025-38537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38537"
},
{
"name": "CVE-2025-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2025-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38632"
},
{
"name": "CVE-2025-38548",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38548"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-38670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
},
{
"name": "CVE-2025-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38568",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38568"
},
{
"name": "CVE-2025-38583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38583"
},
{
"name": "CVE-2025-38499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38656"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38541"
},
{
"name": "CVE-2025-38530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38530"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2022-49980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49980"
},
{
"name": "CVE-2025-38529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38529"
},
{
"name": "CVE-2025-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38608"
},
{
"name": "CVE-2025-38650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38650"
},
{
"name": "CVE-2025-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38621"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2022-50116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50116"
},
{
"name": "CVE-2025-38528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38528"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-38468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38468"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38612"
},
{
"name": "CVE-2025-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38566"
},
{
"name": "CVE-2025-38663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38663"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2025-38665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38665"
},
{
"name": "CVE-2025-38671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38671"
},
{
"name": "CVE-2025-38635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38635"
},
{
"name": "CVE-2023-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3867"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38510",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38510"
},
{
"name": "CVE-2025-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
},
{
"name": "CVE-2025-38506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38506"
},
{
"name": "CVE-2025-38494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38494"
},
{
"name": "CVE-2025-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38604"
},
{
"name": "CVE-2024-49996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49996"
},
{
"name": "CVE-2025-38006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38006"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2024-58239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58239"
},
{
"name": "CVE-2024-26808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2024-49860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49860"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38610",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38610"
},
{
"name": "CVE-2025-38560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38560"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-38581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38581"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-38497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38497"
},
{
"name": "CVE-2025-38495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38495"
},
{
"name": "CVE-2023-4515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4515"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38576"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2025-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38553"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"name": "CVE-2025-38205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38205"
},
{
"name": "CVE-2024-42265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42265"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38531"
},
{
"name": "CVE-2025-38503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38503"
},
{
"name": "CVE-2025-38630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38630"
},
{
"name": "CVE-2025-38585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38585"
},
{
"name": "CVE-2024-57947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57947"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2025-38360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38360"
},
{
"name": "CVE-2025-38512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38512"
},
{
"name": "CVE-2024-53125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53125"
},
{
"name": "CVE-2025-38572",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38572"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-38550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38550"
},
{
"name": "CVE-2025-38535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38535"
},
{
"name": "CVE-2024-53093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53093"
},
{
"name": "CVE-2024-53177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53177"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
}
],
"initial_release_date": "2025-09-26T00:00:00",
"last_revision_date": "2025-09-26T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0827",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03342-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503342-1"
},
{
"published_at": "2025-09-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03314-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503314-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03315-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503315-1"
},
{
"published_at": "2025-09-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03358-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503358-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03350-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503350-1"
},
{
"published_at": "2025-09-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03359-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503359-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03337-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503337-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03344-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503344-1"
},
{
"published_at": "2025-09-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03321-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503321-1"
},
{
"published_at": "2025-09-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03319-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503319-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03339-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503339-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03336-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503336-1"
},
{
"published_at": "2025-09-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-202503290-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503290-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03343-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503343-1"
},
{
"published_at": "2025-09-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03301-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503301-1"
},
{
"published_at": "2025-09-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03356-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503356-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03341-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503341-1"
},
{
"published_at": "2025-09-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03283-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503283-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03329-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503329-1"
},
{
"published_at": "2025-09-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03310-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503310-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03317-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503317-1"
},
{
"published_at": "2025-09-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03318-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503318-1"
}
]
}
CERTFR-2025-AVI-0723
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 LTSS | ||
| SUSE | Confidential Computing Module | Confidential Computing Module 15-SP6 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.2 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | SUSE Enterprise Storage | SUSE Enterprise Storage 7.1 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.6 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 Business Critical Linux | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Confidential Computing Module 15-SP6",
"product": {
"name": "Confidential Computing Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3 LTS",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3 LTS",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3 LTS",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP7",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-11135",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
},
{
"name": "CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2024-26643",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26643"
},
{
"name": "CVE-2021-46984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46984"
},
{
"name": "CVE-2024-26974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26974"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2023-52878",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52878"
},
{
"name": "CVE-2024-36978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36978"
},
{
"name": "CVE-2024-26831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
},
{
"name": "CVE-2024-36972",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36972"
},
{
"name": "CVE-2024-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
},
{
"name": "CVE-2024-42134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42134"
},
{
"name": "CVE-2024-46713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
},
{
"name": "CVE-2024-42265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42265"
},
{
"name": "CVE-2023-52888",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52888"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-49861",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49861"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-44963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44963"
},
{
"name": "CVE-2023-52923",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52923"
},
{
"name": "CVE-2024-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50106"
},
{
"name": "CVE-2024-53164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53164"
},
{
"name": "CVE-2024-56699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56699"
},
{
"name": "CVE-2024-56742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56742"
},
{
"name": "CVE-2025-21629",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21629"
},
{
"name": "CVE-2022-49319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49319"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2024-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49568"
},
{
"name": "CVE-2024-56613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56613"
},
{
"name": "CVE-2025-21658",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21658"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2022-49138",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49138"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2024-57947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57947"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22095"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2025-23141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23141"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37769"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37772"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-37782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37782"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37801"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37815"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-37852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37852"
},
{
"name": "CVE-2025-37854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37854"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37865"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-37884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37884"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-37938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37938"
},
{
"name": "CVE-2025-37979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37979"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-37897",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37897"
},
{
"name": "CVE-2025-37901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37901"
},
{
"name": "CVE-2025-37903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37903"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-37917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37917"
},
{
"name": "CVE-2025-37921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37921"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37928"
},
{
"name": "CVE-2025-37929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37929"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37936"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2025-37951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37951"
},
{
"name": "CVE-2025-37953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37953"
},
{
"name": "CVE-2025-37959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37959"
},
{
"name": "CVE-2025-37961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37961"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-37972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37972"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2022-49770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49770"
},
{
"name": "CVE-2022-49825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49825"
},
{
"name": "CVE-2023-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53118"
},
{
"name": "CVE-2025-37943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37943"
},
{
"name": "CVE-2023-53146",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53146"
},
{
"name": "CVE-2024-58098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58098"
},
{
"name": "CVE-2024-58099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58099"
},
{
"name": "CVE-2024-58100",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58100"
},
{
"name": "CVE-2024-58237",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58237"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-22113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22113"
},
{
"name": "CVE-2025-22119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22119"
},
{
"name": "CVE-2025-22124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22124"
},
{
"name": "CVE-2025-23149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23149"
},
{
"name": "CVE-2025-23155",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23155"
},
{
"name": "CVE-2025-37743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37743"
},
{
"name": "CVE-2025-37747",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37747"
},
{
"name": "CVE-2025-37754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37754"
},
{
"name": "CVE-2025-37793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37793"
},
{
"name": "CVE-2025-37800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37800"
},
{
"name": "CVE-2025-37853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37853"
},
{
"name": "CVE-2025-37873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37873"
},
{
"name": "CVE-2025-37874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37874"
},
{
"name": "CVE-2025-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37891"
},
{
"name": "CVE-2025-37900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37900"
},
{
"name": "CVE-2025-37918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37918"
},
{
"name": "CVE-2025-37925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37925"
},
{
"name": "CVE-2025-37931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37931"
},
{
"name": "CVE-2025-37933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37933"
},
{
"name": "CVE-2025-37944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37944"
},
{
"name": "CVE-2025-37954",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37954"
},
{
"name": "CVE-2025-37968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37968"
},
{
"name": "CVE-2025-37978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37978"
},
{
"name": "CVE-2025-37980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37980"
},
{
"name": "CVE-2025-37986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37986"
},
{
"name": "CVE-2025-37987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37987"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-38240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38240"
},
{
"name": "CVE-2025-40014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40014"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-22111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22111"
},
{
"name": "CVE-2025-22120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22120"
},
{
"name": "CVE-2025-37786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37786"
},
{
"name": "CVE-2025-37856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37856"
},
{
"name": "CVE-2025-37864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37864"
},
{
"name": "CVE-2025-37945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37945"
},
{
"name": "CVE-2025-37984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37984"
},
{
"name": "CVE-2024-36348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36348"
},
{
"name": "CVE-2024-36350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36350"
},
{
"name": "CVE-2024-36357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36357"
},
{
"name": "CVE-2022-49934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49934"
},
{
"name": "CVE-2022-49948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49948"
},
{
"name": "CVE-2022-49969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49969"
},
{
"name": "CVE-2022-49993",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49993"
},
{
"name": "CVE-2022-50027",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50027"
},
{
"name": "CVE-2022-50030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50030"
},
{
"name": "CVE-2022-50033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50033"
},
{
"name": "CVE-2022-50103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50103"
},
{
"name": "CVE-2022-50149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50149"
},
{
"name": "CVE-2022-50211",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50211"
},
{
"name": "CVE-2022-50226",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50226"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-37946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37946"
},
{
"name": "CVE-2025-37973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37973"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-38007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38007"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-38010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38010"
},
{
"name": "CVE-2025-38011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38011"
},
{
"name": "CVE-2025-38013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38013"
},
{
"name": "CVE-2025-38014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38014"
},
{
"name": "CVE-2025-38015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38015"
},
{
"name": "CVE-2025-38018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38018"
},
{
"name": "CVE-2025-38020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38020"
},
{
"name": "CVE-2025-38022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38022"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2025-38027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38027"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2025-38040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38040"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2025-38045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38045"
},
{
"name": "CVE-2025-38053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38053"
},
{
"name": "CVE-2025-38057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38057"
},
{
"name": "CVE-2025-38059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38059"
},
{
"name": "CVE-2025-38060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38060"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-38080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38080"
},
{
"name": "CVE-2025-38081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38081"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-38110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38110"
},
{
"name": "CVE-2023-53020",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53020"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37920"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-38089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38089"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38087"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2025-38213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38213"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2025-38289",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38289"
},
{
"name": "CVE-2025-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38264"
},
{
"name": "CVE-2025-38250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38250"
},
{
"name": "CVE-2021-46987",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46987"
},
{
"name": "CVE-2022-49768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49768"
},
{
"name": "CVE-2022-50025",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50025"
},
{
"name": "CVE-2023-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53117"
},
{
"name": "CVE-2024-36349",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36349"
},
{
"name": "CVE-2025-38047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38047"
},
{
"name": "CVE-2025-38064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38064"
},
{
"name": "CVE-2025-38091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38091"
},
{
"name": "CVE-2025-38098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38098"
},
{
"name": "CVE-2025-38099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38099"
},
{
"name": "CVE-2025-38105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38105"
},
{
"name": "CVE-2025-38106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38106"
},
{
"name": "CVE-2025-38109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38109"
},
{
"name": "CVE-2025-38114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38114"
},
{
"name": "CVE-2025-38117",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38117"
},
{
"name": "CVE-2025-38123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38123"
},
{
"name": "CVE-2025-38127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38127"
},
{
"name": "CVE-2025-38095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38095"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2025-38062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38062"
},
{
"name": "CVE-2025-38063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38063"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-38097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38097"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-38113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38113"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-38118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38118"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-38124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38124"
},
{
"name": "CVE-2025-38126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38126"
},
{
"name": "CVE-2025-38131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38131"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2025-38142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38142"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2025-38148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38148"
},
{
"name": "CVE-2025-38151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38151"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2025-38158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38158"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-38165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38165"
},
{
"name": "CVE-2025-38166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38166"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"name": "CVE-2025-38183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38183"
},
{
"name": "CVE-2025-38193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38193"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2025-38198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38198"
},
{
"name": "CVE-2025-38202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38202"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-38214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38214"
},
{
"name": "CVE-2025-38215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38215"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38225"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2025-38236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
},
{
"name": "CVE-2025-38239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38239"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2025-38259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38259"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38275"
},
{
"name": "CVE-2025-38277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38277"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-38300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38300"
},
{
"name": "CVE-2025-38304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38304"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-38323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-38334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38334"
},
{
"name": "CVE-2025-38335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38335"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2025-38349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38349"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38354"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-38364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38364"
},
{
"name": "CVE-2025-38365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38365"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2025-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38380"
},
{
"name": "CVE-2025-38382",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38382"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-38385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38385"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2025-38396",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38396"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2025-38404",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38404"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38409"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38425"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2025-38449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38449"
},
{
"name": "CVE-2025-38455",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38455"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38463"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2025-38468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38468"
},
{
"name": "CVE-2025-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38470"
},
{
"name": "CVE-2025-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38471"
},
{
"name": "CVE-2025-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38473"
},
{
"name": "CVE-2025-38474",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38474"
},
{
"name": "CVE-2025-38475",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38475"
},
{
"name": "CVE-2025-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38476"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-38478",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38478"
},
{
"name": "CVE-2025-38480",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38480"
},
{
"name": "CVE-2025-38481",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38481"
},
{
"name": "CVE-2025-38482",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38482"
},
{
"name": "CVE-2025-38483",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38483"
},
{
"name": "CVE-2025-38485",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38485"
},
{
"name": "CVE-2025-38487",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38487"
},
{
"name": "CVE-2025-38489",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38489"
},
{
"name": "CVE-2025-38490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
},
{
"name": "CVE-2025-38494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38494"
},
{
"name": "CVE-2025-38495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38495"
},
{
"name": "CVE-2025-38496",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38496"
},
{
"name": "CVE-2025-38497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38497"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38292"
},
{
"name": "CVE-2025-38129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
},
{
"name": "CVE-2025-38132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38132"
},
{
"name": "CVE-2025-38149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38149"
},
{
"name": "CVE-2025-38155",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38155"
},
{
"name": "CVE-2025-38162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38162"
},
{
"name": "CVE-2025-38182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38182"
},
{
"name": "CVE-2025-38186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38186"
},
{
"name": "CVE-2025-38187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38187"
},
{
"name": "CVE-2025-38188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38188"
},
{
"name": "CVE-2025-38189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38189"
},
{
"name": "CVE-2025-38192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38192"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2025-38210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38210"
},
{
"name": "CVE-2025-38217",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38217"
},
{
"name": "CVE-2025-38220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38220"
},
{
"name": "CVE-2025-38238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38238"
},
{
"name": "CVE-2025-38244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38244"
},
{
"name": "CVE-2025-38246",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38246"
},
{
"name": "CVE-2025-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
},
{
"name": "CVE-2025-38256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38256"
},
{
"name": "CVE-2025-38265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38265"
},
{
"name": "CVE-2025-38268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38268"
},
{
"name": "CVE-2025-38272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38272"
},
{
"name": "CVE-2025-38279",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38279"
},
{
"name": "CVE-2025-38283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38283"
},
{
"name": "CVE-2025-38287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38287"
},
{
"name": "CVE-2025-38288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38288"
},
{
"name": "CVE-2025-38290",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38290"
},
{
"name": "CVE-2025-38291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38291"
},
{
"name": "CVE-2025-38299",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38299"
},
{
"name": "CVE-2025-38303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38303"
},
{
"name": "CVE-2025-38307",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38307"
},
{
"name": "CVE-2025-38315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38315"
},
{
"name": "CVE-2025-38317",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38317"
},
{
"name": "CVE-2025-38338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38338"
},
{
"name": "CVE-2025-38343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38343"
},
{
"name": "CVE-2025-38353",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38353"
},
{
"name": "CVE-2025-38355",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38355"
},
{
"name": "CVE-2025-38356",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38356"
},
{
"name": "CVE-2025-38361",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
},
{
"name": "CVE-2025-38369",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38369"
},
{
"name": "CVE-2025-38373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38373"
},
{
"name": "CVE-2025-38376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38376"
},
{
"name": "CVE-2025-38392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38392"
},
{
"name": "CVE-2025-38414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38414"
},
{
"name": "CVE-2025-38417",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38417"
},
{
"name": "CVE-2025-38426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38426"
},
{
"name": "CVE-2025-38427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38427"
},
{
"name": "CVE-2025-38429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38429"
},
{
"name": "CVE-2025-38436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38436"
},
{
"name": "CVE-2025-38453",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38453"
}
],
"initial_release_date": "2025-08-22T00:00:00",
"last_revision_date": "2025-08-22T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0723",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02955-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502955-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02876-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502876-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02873-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502873-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02853-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502853-1"
},
{
"published_at": "2025-08-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02832-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502832-1"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02930-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502930-1"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02944-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502944-1"
},
{
"published_at": "2025-08-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02834-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502834-1"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02936-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502936-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02851-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502851-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02883-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502883-1"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02923-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502923-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02844-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502844-1"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02938-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502938-1"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02933-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502933-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02852-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502852-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02902-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502902-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02911-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502911-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02849-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502849-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02908-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502908-1"
},
{
"published_at": "2025-08-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02820-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502820-1"
},
{
"published_at": "2025-08-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02833-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502833-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02857-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502857-1"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02937-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502937-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02848-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502848-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02859-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502859-1"
},
{
"published_at": "2025-08-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02827-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502827-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02846-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502846-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02918-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502918-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02871-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502871-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02894-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502894-1"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02934-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502934-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02858-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502858-1"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02942-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502942-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02860-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502860-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02917-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502917-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02878-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502878-1"
},
{
"published_at": "2025-08-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02830-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502830-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02897-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502897-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02850-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502850-1"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02945-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502945-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02875-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502875-1"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02926-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502926-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02922-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502922-1"
},
{
"published_at": "2025-08-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02821-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502821-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02884-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502884-1"
},
{
"published_at": "2025-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02909-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502909-1"
},
{
"published_at": "2025-08-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02932-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502932-1"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02943-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502943-1"
},
{
"published_at": "2025-08-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02823-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502823-1"
},
{
"published_at": "2025-08-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02854-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502854-1"
}
]
}
CERTFR-2025-AVI-0698
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.147-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian trixie versions ant\u00e9rieures \u00e0 6.12.41-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-36913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36913"
},
{
"name": "CVE-2024-41013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41013"
},
{
"name": "CVE-2024-56758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56758"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2025-22115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-22119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22119"
},
{
"name": "CVE-2025-37925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37925"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37984"
},
{
"name": "CVE-2024-36350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36350"
},
{
"name": "CVE-2024-36357",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36357"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2025-38040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38040"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2025-27558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27558"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2025-38062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38062"
},
{
"name": "CVE-2025-38063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38063"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-38071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38071"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-38097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38097"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-38113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38113"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-38118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38118"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-38124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38124"
},
{
"name": "CVE-2025-38126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38126"
},
{
"name": "CVE-2025-38131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38131"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2025-38142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38142"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2025-38148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38148"
},
{
"name": "CVE-2025-38151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38151"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2025-38158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38158"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2025-38165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38165"
},
{
"name": "CVE-2025-38166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38166"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2025-38170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38170"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"name": "CVE-2025-38183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38183"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38191",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38191"
},
{
"name": "CVE-2025-38193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38193"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2025-38198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38198"
},
{
"name": "CVE-2025-38202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38202"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-38214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38214"
},
{
"name": "CVE-2025-38215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38215"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38225"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2025-38230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38230"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2025-38236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
},
{
"name": "CVE-2025-38239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38239"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38259",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38259"
},
{
"name": "CVE-2025-38260",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38260"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38275",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38275"
},
{
"name": "CVE-2025-38277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38277"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2025-38282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38282"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2025-38300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38300"
},
{
"name": "CVE-2025-38304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38304"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-38323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-38331",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38331"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2025-38334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38334"
},
{
"name": "CVE-2025-38335",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38335"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2025-38349",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38349"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38351"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38354",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38354"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-38364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38364"
},
{
"name": "CVE-2025-38365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38365"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2025-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38380"
},
{
"name": "CVE-2025-38382",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38382"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-38385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38385"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2025-38396",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38396"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2025-38404",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38404"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38409"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2025-38422",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38422"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38425"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-38437",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38437"
},
{
"name": "CVE-2025-38438",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38438"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2025-38440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38440"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2025-38446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38446"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2025-38449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38449"
},
{
"name": "CVE-2025-38450",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38450"
},
{
"name": "CVE-2025-38451",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38451"
},
{
"name": "CVE-2025-38452",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38452"
},
{
"name": "CVE-2025-38454",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38454"
},
{
"name": "CVE-2025-38455",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38455"
},
{
"name": "CVE-2025-38456",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38456"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38463"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2025-38468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38468"
},
{
"name": "CVE-2025-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38469"
},
{
"name": "CVE-2025-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38470"
},
{
"name": "CVE-2025-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38471"
},
{
"name": "CVE-2025-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
},
{
"name": "CVE-2025-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38473"
},
{
"name": "CVE-2025-38474",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38474"
},
{
"name": "CVE-2025-38475",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38475"
},
{
"name": "CVE-2025-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38476"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2025-38478",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38478"
},
{
"name": "CVE-2025-38480",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38480"
},
{
"name": "CVE-2025-38481",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38481"
},
{
"name": "CVE-2025-38482",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38482"
},
{
"name": "CVE-2025-38483",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38483"
},
{
"name": "CVE-2025-38484",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38484"
},
{
"name": "CVE-2025-38485",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38485"
},
{
"name": "CVE-2025-38487",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38487"
},
{
"name": "CVE-2025-38488",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38488"
},
{
"name": "CVE-2025-38489",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38489"
},
{
"name": "CVE-2025-38490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38493"
},
{
"name": "CVE-2025-38494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38494"
},
{
"name": "CVE-2025-38495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38495"
},
{
"name": "CVE-2025-38496",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38496"
},
{
"name": "CVE-2025-38497",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38497"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
}
],
"initial_release_date": "2025-08-14T00:00:00",
"last_revision_date": "2025-08-14T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0698",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2025-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-5973-1",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00137.html"
},
{
"published_at": "2025-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-5975-1",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00139.html"
}
]
}
CERTFR-2025-AVI-0805
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.6 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | openSUSE Leap | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11 SP4 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP6",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-50141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50141"
},
{
"name": "CVE-2025-38490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
},
{
"name": "CVE-2022-50229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50229"
},
{
"name": "CVE-2025-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38201"
},
{
"name": "CVE-2025-38520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38520"
},
{
"name": "CVE-2025-38588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38588"
},
{
"name": "CVE-2025-38474",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38474"
},
{
"name": "CVE-2025-38601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38601"
},
{
"name": "CVE-2022-49053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49053"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2025-38624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38624"
},
{
"name": "CVE-2025-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38208"
},
{
"name": "CVE-2023-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53117"
},
{
"name": "CVE-2025-38524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38524"
},
{
"name": "CVE-2025-38087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38087"
},
{
"name": "CVE-2022-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50162"
},
{
"name": "CVE-2025-38646",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38646"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-38609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38609"
},
{
"name": "CVE-2023-53020",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53020"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2025-38571",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38571"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2023-4130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4130"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2025-38538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38538"
},
{
"name": "CVE-2024-58238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58238"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2025-38587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38587"
},
{
"name": "CVE-2022-49975",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49975"
},
{
"name": "CVE-2025-38555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38555"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2025-38449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38449"
},
{
"name": "CVE-2022-50138",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50138"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38634",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38634"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2025-38582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38582"
},
{
"name": "CVE-2025-38543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38543"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2025-38537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38537"
},
{
"name": "CVE-2025-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
},
{
"name": "CVE-2022-50066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50066"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38632"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-38548",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38548"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-38670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
},
{
"name": "CVE-2022-50211",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50211"
},
{
"name": "CVE-2025-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38568",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38568"
},
{
"name": "CVE-2025-38583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38583"
},
{
"name": "CVE-2025-38499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2024-53164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53164"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38656"
},
{
"name": "CVE-2025-23141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23141"
},
{
"name": "CVE-2025-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38541"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2025-38530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38530"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2022-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50080"
},
{
"name": "CVE-2022-49980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49980"
},
{
"name": "CVE-2025-38529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38529"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38608"
},
{
"name": "CVE-2025-38650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38650"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38621"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2022-50116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50116"
},
{
"name": "CVE-2025-38528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38528"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-38117",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38117"
},
{
"name": "CVE-2025-38556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-38612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38612"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-49967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49967"
},
{
"name": "CVE-2025-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38566"
},
{
"name": "CVE-2025-38663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38663"
},
{
"name": "CVE-2024-49867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49867"
},
{
"name": "CVE-2025-38665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38665"
},
{
"name": "CVE-2025-38671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38671"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-38635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38635"
},
{
"name": "CVE-2023-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3867"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2022-50007",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50007"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38510",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38510"
},
{
"name": "CVE-2022-49981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49981"
},
{
"name": "CVE-2022-50185",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50185"
},
{
"name": "CVE-2025-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
},
{
"name": "CVE-2025-38506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38506"
},
{
"name": "CVE-2025-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38604"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2024-49996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49996"
},
{
"name": "CVE-2025-38006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38006"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2024-58239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58239"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-38610",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38610"
},
{
"name": "CVE-2025-38214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38214"
},
{
"name": "CVE-2025-38560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38560"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2023-52813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
},
{
"name": "CVE-2025-38581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38581"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2023-4515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4515"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-38576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38576"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2025-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38553"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38205"
},
{
"name": "CVE-2024-47674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47674"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-38531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38531"
},
{
"name": "CVE-2025-38503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38503"
},
{
"name": "CVE-2025-38630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38630"
},
{
"name": "CVE-2025-38585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38585"
},
{
"name": "CVE-2022-50127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50127"
},
{
"name": "CVE-2025-38213",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38213"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2024-47706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47706"
},
{
"name": "CVE-2025-38360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38360"
},
{
"name": "CVE-2025-38512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38512"
},
{
"name": "CVE-2022-50228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50228"
},
{
"name": "CVE-2022-50191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50191"
},
{
"name": "CVE-2025-38572",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38572"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-38550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38550"
},
{
"name": "CVE-2025-38535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38535"
},
{
"name": "CVE-2025-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38473"
},
{
"name": "CVE-2025-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38470"
}
],
"initial_release_date": "2025-09-19T00:00:00",
"last_revision_date": "2025-09-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0805",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-09-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:02844-2",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502844-2"
},
{
"published_at": "2025-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03210-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503210-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03190-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503190-1"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03226-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503226-1"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03223-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503223-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03207-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503207-1"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03221-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503221-1"
},
{
"published_at": "2025-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03208-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503208-1"
},
{
"published_at": "2025-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03214-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503214-1"
},
{
"published_at": "2025-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03212-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503212-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03204-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503204-1"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03235-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503235-1"
},
{
"published_at": "2025-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03209-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503209-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03195-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503195-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03194-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503194-1"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03217-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503217-1"
},
{
"published_at": "2025-09-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03213-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503213-1"
},
{
"published_at": "2025-09-14",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03215-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503215-1"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03222-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503222-1"
},
{
"published_at": "2025-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03191-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503191-1"
},
{
"published_at": "2025-09-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03272-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503272-1"
}
]
}
CERTFR-2025-AVI-0921
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | Public Cloud Module | Public Cloud Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | Public Cloud Module | Public Cloud Module 15-SP6 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.6 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 LTS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | SUSE Real Time Module | SUSE Real Time Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Public Cloud Module 15-SP7",
"product": {
"name": "Public Cloud Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3 LTS",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP6",
"product": {
"name": "Public Cloud Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3 LTS",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP6",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3 LTS",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP7",
"product": {
"name": "SUSE Real Time Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-53443",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53443"
},
{
"name": "CVE-2025-38490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
},
{
"name": "CVE-2023-53453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53453"
},
{
"name": "CVE-2025-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38380"
},
{
"name": "CVE-2023-53247",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53247"
},
{
"name": "CVE-2023-53473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53473"
},
{
"name": "CVE-2022-49138",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49138"
},
{
"name": "CVE-2022-50425",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50425"
},
{
"name": "CVE-2025-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38201"
},
{
"name": "CVE-2022-50367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50367"
},
{
"name": "CVE-2025-39808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39808"
},
{
"name": "CVE-2023-53475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53475"
},
{
"name": "CVE-2025-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38471"
},
{
"name": "CVE-2025-38520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38520"
},
{
"name": "CVE-2023-53312",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53312"
},
{
"name": "CVE-2025-38588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38588"
},
{
"name": "CVE-2023-53311",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53311"
},
{
"name": "CVE-2025-38574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38574"
},
{
"name": "CVE-2023-53393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53393"
},
{
"name": "CVE-2023-53480",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53480"
},
{
"name": "CVE-2025-23155",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23155"
},
{
"name": "CVE-2023-53303",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53303"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2025-39757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39757"
},
{
"name": "CVE-2022-50469",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50469"
},
{
"name": "CVE-2022-50429",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50429"
},
{
"name": "CVE-2023-53150",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53150"
},
{
"name": "CVE-2023-53321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53321"
},
{
"name": "CVE-2025-39772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39772"
},
{
"name": "CVE-2023-53317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53317"
},
{
"name": "CVE-2023-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53176"
},
{
"name": "CVE-2023-53362",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53362"
},
{
"name": "CVE-2022-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50298"
},
{
"name": "CVE-2025-38601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38601"
},
{
"name": "CVE-2025-39826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39826"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38645",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38645"
},
{
"name": "CVE-2023-5633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5633"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-53349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53349"
},
{
"name": "CVE-2025-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39685"
},
{
"name": "CVE-2025-38660",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38660"
},
{
"name": "CVE-2025-39761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39761"
},
{
"name": "CVE-2023-53405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53405"
},
{
"name": "CVE-2023-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53185"
},
{
"name": "CVE-2023-53359",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53359"
},
{
"name": "CVE-2022-50466",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50466"
},
{
"name": "CVE-2023-53509",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53509"
},
{
"name": "CVE-2023-53421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53421"
},
{
"name": "CVE-2023-53441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53441"
},
{
"name": "CVE-2023-53199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53199"
},
{
"name": "CVE-2025-39764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39764"
},
{
"name": "CVE-2023-53245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53245"
},
{
"name": "CVE-2023-53415",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53415"
},
{
"name": "CVE-2025-38624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38624"
},
{
"name": "CVE-2025-39827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39827"
},
{
"name": "CVE-2022-50255",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50255"
},
{
"name": "CVE-2025-39746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39746"
},
{
"name": "CVE-2023-53461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53461"
},
{
"name": "CVE-2025-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38208"
},
{
"name": "CVE-2023-53531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53531"
},
{
"name": "CVE-2025-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39828"
},
{
"name": "CVE-2025-39889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39889"
},
{
"name": "CVE-2025-38524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38524"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2023-53258",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53258"
},
{
"name": "CVE-2023-53429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53429"
},
{
"name": "CVE-2023-53449",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53449"
},
{
"name": "CVE-2025-38595",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38595"
},
{
"name": "CVE-2023-53451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53451"
},
{
"name": "CVE-2023-53325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53325"
},
{
"name": "CVE-2022-50368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50368"
},
{
"name": "CVE-2025-38216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38216"
},
{
"name": "CVE-2022-50349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50349"
},
{
"name": "CVE-2023-53394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53394"
},
{
"name": "CVE-2023-53494",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53494"
},
{
"name": "CVE-2025-39925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39925"
},
{
"name": "CVE-2025-39811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39811"
},
{
"name": "CVE-2022-50358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50358"
},
{
"name": "CVE-2025-38646",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38646"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38408"
},
{
"name": "CVE-2022-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50386"
},
{
"name": "CVE-2025-38644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
},
{
"name": "CVE-2025-38692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38692"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2023-53209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53209"
},
{
"name": "CVE-2025-39701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39701"
},
{
"name": "CVE-2023-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53222"
},
{
"name": "CVE-2023-53264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53264"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-38609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38609"
},
{
"name": "CVE-2023-53519",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53519"
},
{
"name": "CVE-2022-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50294"
},
{
"name": "CVE-2023-53447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53447"
},
{
"name": "CVE-2023-53472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53472"
},
{
"name": "CVE-2023-53248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53248"
},
{
"name": "CVE-2025-38521",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38521"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2025-39709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39709"
},
{
"name": "CVE-2023-53217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53217"
},
{
"name": "CVE-2023-53390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53390"
},
{
"name": "CVE-2023-53491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53491"
},
{
"name": "CVE-2025-39787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39787"
},
{
"name": "CVE-2025-39920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39920"
},
{
"name": "CVE-2022-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50379"
},
{
"name": "CVE-2022-50257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50257"
},
{
"name": "CVE-2023-53354",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53354"
},
{
"name": "CVE-2023-53504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53504"
},
{
"name": "CVE-2025-38734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38734"
},
{
"name": "CVE-2025-38571",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38571"
},
{
"name": "CVE-2022-50301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50301"
},
{
"name": "CVE-2022-50432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50432"
},
{
"name": "CVE-2025-38695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38695"
},
{
"name": "CVE-2023-52923",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52923"
},
{
"name": "CVE-2023-53323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53323"
},
{
"name": "CVE-2025-39749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39749"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2023-53189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53189"
},
{
"name": "CVE-2023-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53427"
},
{
"name": "CVE-2023-53498",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53498"
},
{
"name": "CVE-2023-4130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4130"
},
{
"name": "CVE-2023-53242",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53242"
},
{
"name": "CVE-2022-50395",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50395"
},
{
"name": "CVE-2023-53309",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53309"
},
{
"name": "CVE-2025-39923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39923"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2025-38456",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38456"
},
{
"name": "CVE-2025-38538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38538"
},
{
"name": "CVE-2022-50456",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50456"
},
{
"name": "CVE-2025-39751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39751"
},
{
"name": "CVE-2024-58238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58238"
},
{
"name": "CVE-2023-53425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53425"
},
{
"name": "CVE-2022-50458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50458"
},
{
"name": "CVE-2022-50321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50321"
},
{
"name": "CVE-2023-53235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53235"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2022-50439",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50439"
},
{
"name": "CVE-2025-38710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38710"
},
{
"name": "CVE-2023-53304",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53304"
},
{
"name": "CVE-2025-39681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39681"
},
{
"name": "CVE-2023-53216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53216"
},
{
"name": "CVE-2025-39770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39770"
},
{
"name": "CVE-2023-53339",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53339"
},
{
"name": "CVE-2023-53239",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53239"
},
{
"name": "CVE-2023-53280",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53280"
},
{
"name": "CVE-2025-38705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38705"
},
{
"name": "CVE-2023-53179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53179"
},
{
"name": "CVE-2022-50434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50434"
},
{
"name": "CVE-2025-38706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38706"
},
{
"name": "CVE-2022-50234",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50234"
},
{
"name": "CVE-2025-39750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39750"
},
{
"name": "CVE-2025-38587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38587"
},
{
"name": "CVE-2023-53520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53520"
},
{
"name": "CVE-2022-50353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50353"
},
{
"name": "CVE-2023-53493",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53493"
},
{
"name": "CVE-2022-50404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50404"
},
{
"name": "CVE-2023-53492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53492"
},
{
"name": "CVE-2023-31248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
},
{
"name": "CVE-2023-53388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53388"
},
{
"name": "CVE-2025-39853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39853"
},
{
"name": "CVE-2025-38555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38555"
},
{
"name": "CVE-2023-53221",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53221"
},
{
"name": "CVE-2022-50264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50264"
},
{
"name": "CVE-2025-39871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39871"
},
{
"name": "CVE-2025-39857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39857"
},
{
"name": "CVE-2022-50320",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50320"
},
{
"name": "CVE-2025-38590",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38590"
},
{
"name": "CVE-2025-38709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38709"
},
{
"name": "CVE-2022-50286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50286"
},
{
"name": "CVE-2022-50449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50449"
},
{
"name": "CVE-2023-53431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53431"
},
{
"name": "CVE-2022-50324",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50324"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2023-53462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53462"
},
{
"name": "CVE-2025-39865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39865"
},
{
"name": "CVE-2025-39816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39816"
},
{
"name": "CVE-2025-38584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38584"
},
{
"name": "CVE-2025-39675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39675"
},
{
"name": "CVE-2025-39679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39679"
},
{
"name": "CVE-2025-38527",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38527"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2022-50251",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50251"
},
{
"name": "CVE-2025-39763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39763"
},
{
"name": "CVE-2023-53148",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53148"
},
{
"name": "CVE-2025-38693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38693"
},
{
"name": "CVE-2025-38679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38679"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2022-50373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50373"
},
{
"name": "CVE-2023-53505",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53505"
},
{
"name": "CVE-2025-38685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38685"
},
{
"name": "CVE-2022-50269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50269"
},
{
"name": "CVE-2023-53275",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53275"
},
{
"name": "CVE-2022-50437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50437"
},
{
"name": "CVE-2024-49974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49974"
},
{
"name": "CVE-2022-50391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50391"
},
{
"name": "CVE-2023-53476",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53476"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2023-53468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53468"
},
{
"name": "CVE-2022-50261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50261"
},
{
"name": "CVE-2022-50351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50351"
},
{
"name": "CVE-2022-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50272"
},
{
"name": "CVE-2022-50331",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50331"
},
{
"name": "CVE-2025-39838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39838"
},
{
"name": "CVE-2025-39823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39823"
},
{
"name": "CVE-2025-38234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38234"
},
{
"name": "CVE-2025-38634",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38634"
},
{
"name": "CVE-2023-53183",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53183"
},
{
"name": "CVE-2023-53195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53195"
},
{
"name": "CVE-2025-39864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39864"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-39730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39730"
},
{
"name": "CVE-2022-50268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50268"
},
{
"name": "CVE-2022-36280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36280"
},
{
"name": "CVE-2023-53319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53319"
},
{
"name": "CVE-2022-50444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50444"
},
{
"name": "CVE-2025-39824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39824"
},
{
"name": "CVE-2023-53515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53515"
},
{
"name": "CVE-2023-53420",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53420"
},
{
"name": "CVE-2023-53424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53424"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2023-53241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53241"
},
{
"name": "CVE-2023-53305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53305"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2025-38702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38702"
},
{
"name": "CVE-2023-53177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53177"
},
{
"name": "CVE-2023-53381",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53381"
},
{
"name": "CVE-2023-53369",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53369"
},
{
"name": "CVE-2025-38724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
},
{
"name": "CVE-2022-50419",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50419"
},
{
"name": "CVE-2025-38582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38582"
},
{
"name": "CVE-2025-38543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38543"
},
{
"name": "CVE-2025-38698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38698"
},
{
"name": "CVE-2023-53328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53328"
},
{
"name": "CVE-2022-50289",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50289"
},
{
"name": "CVE-2022-50329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50329"
},
{
"name": "CVE-2025-39842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39842"
},
{
"name": "CVE-2025-39739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39739"
},
{
"name": "CVE-2023-53165",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53165"
},
{
"name": "CVE-2023-53270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53270"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2025-38533",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38533"
},
{
"name": "CVE-2025-38511",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38511"
},
{
"name": "CVE-2025-38537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38537"
},
{
"name": "CVE-2025-39849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39849"
},
{
"name": "CVE-2025-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
},
{
"name": "CVE-2022-50409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50409"
},
{
"name": "CVE-2022-50453",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50453"
},
{
"name": "CVE-2023-53512",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53512"
},
{
"name": "CVE-2023-53438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53438"
},
{
"name": "CVE-2023-53238",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53238"
},
{
"name": "CVE-2025-39861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39861"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38597",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38597"
},
{
"name": "CVE-2025-39743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39743"
},
{
"name": "CVE-2025-39718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39718"
},
{
"name": "CVE-2022-50333",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50333"
},
{
"name": "CVE-2025-38712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38712"
},
{
"name": "CVE-2025-38732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38732"
},
{
"name": "CVE-2025-39773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39773"
},
{
"name": "CVE-2023-53360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53360"
},
{
"name": "CVE-2025-39885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39885"
},
{
"name": "CVE-2023-53336",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53336"
},
{
"name": "CVE-2023-53426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53426"
},
{
"name": "CVE-2023-53370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53370"
},
{
"name": "CVE-2022-50330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50330"
},
{
"name": "CVE-2023-53223",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53223"
},
{
"name": "CVE-2022-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2602"
},
{
"name": "CVE-2025-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38632"
},
{
"name": "CVE-2022-50309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50309"
},
{
"name": "CVE-2025-38548",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38548"
},
{
"name": "CVE-2023-53448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53448"
},
{
"name": "CVE-2023-53374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53374"
},
{
"name": "CVE-2023-53384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53384"
},
{
"name": "CVE-2025-38014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38014"
},
{
"name": "CVE-2022-50297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50297"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2022-50435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50435"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2022-50411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50411"
},
{
"name": "CVE-2022-50465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50465"
},
{
"name": "CVE-2025-38396",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38396"
},
{
"name": "CVE-2022-50346",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50346"
},
{
"name": "CVE-2025-38670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
},
{
"name": "CVE-2025-39732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39732"
},
{
"name": "CVE-2023-53458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53458"
},
{
"name": "CVE-2023-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53367"
},
{
"name": "CVE-2025-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
},
{
"name": "CVE-2022-50417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50417"
},
{
"name": "CVE-2023-53326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53326"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-53457",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53457"
},
{
"name": "CVE-2025-39845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39845"
},
{
"name": "CVE-2023-53230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53230"
},
{
"name": "CVE-2023-53397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53397"
},
{
"name": "CVE-2023-53171",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53171"
},
{
"name": "CVE-2025-38568",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38568"
},
{
"name": "CVE-2022-50370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50370"
},
{
"name": "CVE-2025-38583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38583"
},
{
"name": "CVE-2023-53516",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53516"
},
{
"name": "CVE-2023-53474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53474"
},
{
"name": "CVE-2025-38499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
},
{
"name": "CVE-2025-38735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38735"
},
{
"name": "CVE-2022-50247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50247"
},
{
"name": "CVE-2025-38110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38110"
},
{
"name": "CVE-2025-38402",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38402"
},
{
"name": "CVE-2022-50355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50355"
},
{
"name": "CVE-2023-53400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53400"
},
{
"name": "CVE-2023-53287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53287"
},
{
"name": "CVE-2025-38616",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38616"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38656"
},
{
"name": "CVE-2022-50454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50454"
},
{
"name": "CVE-2023-53350",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53350"
},
{
"name": "CVE-2025-38614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38614"
},
{
"name": "CVE-2022-50249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50249"
},
{
"name": "CVE-2025-38664",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38664"
},
{
"name": "CVE-2023-53454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53454"
},
{
"name": "CVE-2023-53471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53471"
},
{
"name": "CVE-2023-53182",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53182"
},
{
"name": "CVE-2025-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38541"
},
{
"name": "CVE-2023-53416",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53416"
},
{
"name": "CVE-2022-50344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50344"
},
{
"name": "CVE-2023-53322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53322"
},
{
"name": "CVE-2023-53220",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53220"
},
{
"name": "CVE-2023-53272",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53272"
},
{
"name": "CVE-2022-50388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50388"
},
{
"name": "CVE-2023-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53178"
},
{
"name": "CVE-2023-53210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53210"
},
{
"name": "CVE-2025-38694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38694"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-53259",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53259"
},
{
"name": "CVE-2025-38676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38676"
},
{
"name": "CVE-2025-38530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38530"
},
{
"name": "CVE-2024-26583",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
},
{
"name": "CVE-2022-50318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50318"
},
{
"name": "CVE-2023-53413",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53413"
},
{
"name": "CVE-2022-50389",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50389"
},
{
"name": "CVE-2023-53528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53528"
},
{
"name": "CVE-2023-53524",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53524"
},
{
"name": "CVE-2023-53496",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53496"
},
{
"name": "CVE-2025-38729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38729"
},
{
"name": "CVE-2023-53257",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53257"
},
{
"name": "CVE-2023-53523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53523"
},
{
"name": "CVE-2022-50359",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50359"
},
{
"name": "CVE-2023-53357",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53357"
},
{
"name": "CVE-2025-38681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38681"
},
{
"name": "CVE-2025-38593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38593"
},
{
"name": "CVE-2022-2978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2978"
},
{
"name": "CVE-2025-38687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38687"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2022-49980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49980"
},
{
"name": "CVE-2023-53335",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53335"
},
{
"name": "CVE-2023-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53488"
},
{
"name": "CVE-2023-53464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53464"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2023-53334",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53334"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2023-53356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53356"
},
{
"name": "CVE-2025-38529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38529"
},
{
"name": "CVE-2023-53510",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53510"
},
{
"name": "CVE-2023-53151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53151"
},
{
"name": "CVE-2025-38715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38715"
},
{
"name": "CVE-2025-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38608"
},
{
"name": "CVE-2025-38650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38650"
},
{
"name": "CVE-2025-39710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39710"
},
{
"name": "CVE-2023-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53215"
},
{
"name": "CVE-2022-50342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50342"
},
{
"name": "CVE-2023-53288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53288"
},
{
"name": "CVE-2024-26584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
},
{
"name": "CVE-2023-53406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53406"
},
{
"name": "CVE-2025-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38621"
},
{
"name": "CVE-2023-53352",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53352"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2023-53291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53291"
},
{
"name": "CVE-2022-50408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50408"
},
{
"name": "CVE-2025-38528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38528"
},
{
"name": "CVE-2022-50399",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50399"
},
{
"name": "CVE-2022-50372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50372"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-39834",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39834"
},
{
"name": "CVE-2022-50431",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50431"
},
{
"name": "CVE-2023-53263",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53263"
},
{
"name": "CVE-2023-53527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53527"
},
{
"name": "CVE-2025-38713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38713"
},
{
"name": "CVE-2023-53404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53404"
},
{
"name": "CVE-2025-38556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
},
{
"name": "CVE-2025-38678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38678"
},
{
"name": "CVE-2023-53344",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53344"
},
{
"name": "CVE-2023-53324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53324"
},
{
"name": "CVE-2023-53465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53465"
},
{
"name": "CVE-2022-50468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50468"
},
{
"name": "CVE-2025-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39810"
},
{
"name": "CVE-2025-39782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39782"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2023-53368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53368"
},
{
"name": "CVE-2025-38697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38697"
},
{
"name": "CVE-2022-50282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50282"
},
{
"name": "CVE-2025-38691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38691"
},
{
"name": "CVE-2023-53276",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53276"
},
{
"name": "CVE-2025-39759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39759"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38639",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38639"
},
{
"name": "CVE-2025-38628",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38628"
},
{
"name": "CVE-2023-53518",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53518"
},
{
"name": "CVE-2025-38612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38612"
},
{
"name": "CVE-2022-50250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50250"
},
{
"name": "CVE-2025-39860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39860"
},
{
"name": "CVE-2022-50347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50347"
},
{
"name": "CVE-2025-39754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39754"
},
{
"name": "CVE-2023-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53506"
},
{
"name": "CVE-2025-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38566"
},
{
"name": "CVE-2025-39721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
},
{
"name": "CVE-2025-39760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
},
{
"name": "CVE-2023-53149",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53149"
},
{
"name": "CVE-2022-50443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50443"
},
{
"name": "CVE-2025-38663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38663"
},
{
"name": "CVE-2023-53409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53409"
},
{
"name": "CVE-2023-53396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53396"
},
{
"name": "CVE-2022-50260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50260"
},
{
"name": "CVE-2025-39839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39839"
},
{
"name": "CVE-2023-53282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53282"
},
{
"name": "CVE-2025-39848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39848"
},
{
"name": "CVE-2025-38722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38722"
},
{
"name": "CVE-2025-39800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39800"
},
{
"name": "CVE-2023-53435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53435"
},
{
"name": "CVE-2022-50328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50328"
},
{
"name": "CVE-2023-53391",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53391"
},
{
"name": "CVE-2023-53487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53487"
},
{
"name": "CVE-2022-50267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50267"
},
{
"name": "CVE-2023-53437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53437"
},
{
"name": "CVE-2022-50317",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50317"
},
{
"name": "CVE-2025-39703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39703"
},
{
"name": "CVE-2023-53250",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53250"
},
{
"name": "CVE-2023-53338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53338"
},
{
"name": "CVE-2025-38665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38665"
},
{
"name": "CVE-2022-50235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50235"
},
{
"name": "CVE-2025-38671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38671"
},
{
"name": "CVE-2023-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53231"
},
{
"name": "CVE-2023-53206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53206"
},
{
"name": "CVE-2022-50364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50364"
},
{
"name": "CVE-2025-38635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38635"
},
{
"name": "CVE-2022-50276",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50276"
},
{
"name": "CVE-2023-53432",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53432"
},
{
"name": "CVE-2025-38488",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38488"
},
{
"name": "CVE-2023-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3867"
},
{
"name": "CVE-2022-50401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50401"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2022-50376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50376"
},
{
"name": "CVE-2025-39825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39825"
},
{
"name": "CVE-2023-53422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53422"
},
{
"name": "CVE-2023-53244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53244"
},
{
"name": "CVE-2022-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50275"
},
{
"name": "CVE-2023-53373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53373"
},
{
"name": "CVE-2023-53375",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53375"
},
{
"name": "CVE-2025-39882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39882"
},
{
"name": "CVE-2025-39766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39766"
},
{
"name": "CVE-2025-39801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39801"
},
{
"name": "CVE-2022-50308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50308"
},
{
"name": "CVE-2025-38440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38440"
},
{
"name": "CVE-2023-53530",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53530"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2023-53197",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53197"
},
{
"name": "CVE-2025-39724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39724"
},
{
"name": "CVE-2025-38510",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38510"
},
{
"name": "CVE-2025-39758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39758"
},
{
"name": "CVE-2025-39694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39694"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"name": "CVE-2023-53401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53401"
},
{
"name": "CVE-2023-53229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53229"
},
{
"name": "CVE-2025-39806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39806"
},
{
"name": "CVE-2022-50414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50414"
},
{
"name": "CVE-2023-53521",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53521"
},
{
"name": "CVE-2023-53479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53479"
},
{
"name": "CVE-2025-38668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38668"
},
{
"name": "CVE-2025-38721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38721"
},
{
"name": "CVE-2023-53313",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53313"
},
{
"name": "CVE-2023-53395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53395"
},
{
"name": "CVE-2025-39684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39684"
},
{
"name": "CVE-2022-50436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50436"
},
{
"name": "CVE-2022-50271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50271"
},
{
"name": "CVE-2025-38526",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38526"
},
{
"name": "CVE-2023-53485",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53485"
},
{
"name": "CVE-2025-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
},
{
"name": "CVE-2025-38506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38506"
},
{
"name": "CVE-2025-38703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38703"
},
{
"name": "CVE-2025-39870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39870"
},
{
"name": "CVE-2022-50241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50241"
},
{
"name": "CVE-2025-39807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39807"
},
{
"name": "CVE-2022-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50258"
},
{
"name": "CVE-2025-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38604"
},
{
"name": "CVE-2025-38623",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38623"
},
{
"name": "CVE-2023-53365",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53365"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2025-38544",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38544"
},
{
"name": "CVE-2025-39922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39922"
},
{
"name": "CVE-2025-39797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39797"
},
{
"name": "CVE-2025-38725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38725"
},
{
"name": "CVE-2023-53184",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53184"
},
{
"name": "CVE-2025-38006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38006"
},
{
"name": "CVE-2022-50312",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50312"
},
{
"name": "CVE-2023-53196",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53196"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2023-53501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53501"
},
{
"name": "CVE-2025-38351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38351"
},
{
"name": "CVE-2022-50340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50340"
},
{
"name": "CVE-2023-53331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53331"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2025-38683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38683"
},
{
"name": "CVE-2023-53440",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53440"
},
{
"name": "CVE-2025-39846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39846"
},
{
"name": "CVE-2022-50374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50374"
},
{
"name": "CVE-2022-50375",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50375"
},
{
"name": "CVE-2024-58239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58239"
},
{
"name": "CVE-2022-50460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50460"
},
{
"name": "CVE-2023-53307",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53307"
},
{
"name": "CVE-2023-53152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53152"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2025-39691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39691"
},
{
"name": "CVE-2025-39850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39850"
},
{
"name": "CVE-2023-53442",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53442"
},
{
"name": "CVE-2025-39890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39890"
},
{
"name": "CVE-2025-39844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39844"
},
{
"name": "CVE-2025-39742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39742"
},
{
"name": "CVE-2023-53286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53286"
},
{
"name": "CVE-2023-53207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53207"
},
{
"name": "CVE-2025-38605",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38605"
},
{
"name": "CVE-2022-50362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50362"
},
{
"name": "CVE-2023-53205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53205"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-38610",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38610"
},
{
"name": "CVE-2025-39863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39863"
},
{
"name": "CVE-2023-53180",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53180"
},
{
"name": "CVE-2025-38560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38560"
},
{
"name": "CVE-2023-53385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53385"
},
{
"name": "CVE-2023-53226",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53226"
},
{
"name": "CVE-2023-53525",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53525"
},
{
"name": "CVE-2025-38701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38701"
},
{
"name": "CVE-2024-58240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58240"
},
{
"name": "CVE-2023-53249",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53249"
},
{
"name": "CVE-2023-53252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53252"
},
{
"name": "CVE-2023-53261",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53261"
},
{
"name": "CVE-2025-39726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39726"
},
{
"name": "CVE-2023-53246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53246"
},
{
"name": "CVE-2023-53364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53364"
},
{
"name": "CVE-2022-50423",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50423"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2022-50239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50239"
},
{
"name": "CVE-2022-50348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50348"
},
{
"name": "CVE-2023-53508",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53508"
},
{
"name": "CVE-2025-38581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38581"
},
{
"name": "CVE-2023-53213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53213"
},
{
"name": "CVE-2023-53526",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53526"
},
{
"name": "CVE-2025-39891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39891"
},
{
"name": "CVE-2025-39790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39790"
},
{
"name": "CVE-2023-53255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53255"
},
{
"name": "CVE-2023-53277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53277"
},
{
"name": "CVE-2025-38680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38680"
},
{
"name": "CVE-2023-53379",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53379"
},
{
"name": "CVE-2025-38684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
},
{
"name": "CVE-2025-39686",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39686"
},
{
"name": "CVE-2025-39798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39798"
},
{
"name": "CVE-2025-38730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38730"
},
{
"name": "CVE-2023-4515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4515"
},
{
"name": "CVE-2025-39747",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39747"
},
{
"name": "CVE-2023-53343",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53343"
},
{
"name": "CVE-2023-53299",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53299"
},
{
"name": "CVE-2023-53268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53268"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2023-53204",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53204"
},
{
"name": "CVE-2025-39714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39714"
},
{
"name": "CVE-2023-53333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53333"
},
{
"name": "CVE-2022-50394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50394"
},
{
"name": "CVE-2023-53456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53456"
},
{
"name": "CVE-2022-50266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50266"
},
{
"name": "CVE-2023-53446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53446"
},
{
"name": "CVE-2023-53463",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53463"
},
{
"name": "CVE-2023-53170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53170"
},
{
"name": "CVE-2023-53260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53260"
},
{
"name": "CVE-2025-39854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39854"
},
{
"name": "CVE-2023-53386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53386"
},
{
"name": "CVE-2025-39706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39706"
},
{
"name": "CVE-2025-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39830"
},
{
"name": "CVE-2025-38576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38576"
},
{
"name": "CVE-2025-39869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39869"
},
{
"name": "CVE-2023-53181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53181"
},
{
"name": "CVE-2023-53174",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53174"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2025-39719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39719"
},
{
"name": "CVE-2025-39695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39695"
},
{
"name": "CVE-2022-50430",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50430"
},
{
"name": "CVE-2025-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38553"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-39738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39738"
},
{
"name": "CVE-2023-53295",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53295"
},
{
"name": "CVE-2023-53298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53298"
},
{
"name": "CVE-2025-38205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38205"
},
{
"name": "CVE-2023-53507",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53507"
},
{
"name": "CVE-2023-53314",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53314"
},
{
"name": "CVE-2023-53281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53281"
},
{
"name": "CVE-2023-53330",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53330"
},
{
"name": "CVE-2025-39705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39705"
},
{
"name": "CVE-2022-50422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50422"
},
{
"name": "CVE-2022-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50252"
},
{
"name": "CVE-2025-39713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39713"
},
{
"name": "CVE-2023-53316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53316"
},
{
"name": "CVE-2022-50299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50299"
},
{
"name": "CVE-2023-53208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53208"
},
{
"name": "CVE-2025-39744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39744"
},
{
"name": "CVE-2023-53315",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53315"
},
{
"name": "CVE-2025-38736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38736"
},
{
"name": "CVE-2023-53297",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53297"
},
{
"name": "CVE-2023-53499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53499"
},
{
"name": "CVE-2023-53513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53513"
},
{
"name": "CVE-2023-53234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53234"
},
{
"name": "CVE-2023-53167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53167"
},
{
"name": "CVE-2023-53342",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53342"
},
{
"name": "CVE-2025-39678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39678"
},
{
"name": "CVE-2023-53414",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53414"
},
{
"name": "CVE-2025-38531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38531"
},
{
"name": "CVE-2023-53265",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53265"
},
{
"name": "CVE-2025-39693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39693"
},
{
"name": "CVE-2022-50246",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50246"
},
{
"name": "CVE-2025-38503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38503"
},
{
"name": "CVE-2025-38630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38630"
},
{
"name": "CVE-2023-53490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53490"
},
{
"name": "CVE-2023-53302",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53302"
},
{
"name": "CVE-2023-53444",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53444"
},
{
"name": "CVE-2023-53175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53175"
},
{
"name": "CVE-2022-50392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50392"
},
{
"name": "CVE-2025-38585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38585"
},
{
"name": "CVE-2022-50233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50233"
},
{
"name": "CVE-2023-53274",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53274"
},
{
"name": "CVE-2025-39682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39682"
},
{
"name": "CVE-2022-50410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50410"
},
{
"name": "CVE-2022-50428",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50428"
},
{
"name": "CVE-2023-39197",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39197"
},
{
"name": "CVE-2025-39833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39833"
},
{
"name": "CVE-2025-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39832"
},
{
"name": "CVE-2023-53495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53495"
},
{
"name": "CVE-2023-53436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53436"
},
{
"name": "CVE-2022-50402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50402"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2025-38643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38643"
},
{
"name": "CVE-2022-50427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50427"
},
{
"name": "CVE-2022-50278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50278"
},
{
"name": "CVE-2023-53273",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53273"
},
{
"name": "CVE-2023-53377",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53377"
},
{
"name": "CVE-2023-53500",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53500"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2025-39847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39847"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2025-38360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38360"
},
{
"name": "CVE-2025-39783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39783"
},
{
"name": "CVE-2025-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39835"
},
{
"name": "CVE-2025-38255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38255"
},
{
"name": "CVE-2025-38512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38512"
},
{
"name": "CVE-2025-38622",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38622"
},
{
"name": "CVE-2022-50279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50279"
},
{
"name": "CVE-2023-53243",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53243"
},
{
"name": "CVE-2023-53219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53219"
},
{
"name": "CVE-2022-50467",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50467"
},
{
"name": "CVE-2023-53428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53428"
},
{
"name": "CVE-2025-39677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39677"
},
{
"name": "CVE-2022-50440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50440"
},
{
"name": "CVE-2025-39707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39707"
},
{
"name": "CVE-2022-50248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50248"
},
{
"name": "CVE-2025-39907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39907"
},
{
"name": "CVE-2023-53147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53147"
},
{
"name": "CVE-2023-53292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53292"
},
{
"name": "CVE-2025-38640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38640"
},
{
"name": "CVE-2025-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38476"
},
{
"name": "CVE-2023-53371",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53371"
},
{
"name": "CVE-2025-38659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38659"
},
{
"name": "CVE-2024-53125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53125"
},
{
"name": "CVE-2025-38572",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38572"
},
{
"name": "CVE-2022-50381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50381"
},
{
"name": "CVE-2023-53187",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53187"
},
{
"name": "CVE-2025-38550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38550"
},
{
"name": "CVE-2023-53201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53201"
},
{
"name": "CVE-2025-39711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39711"
},
{
"name": "CVE-2022-50385",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50385"
},
{
"name": "CVE-2025-38535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38535"
},
{
"name": "CVE-2025-39873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39873"
},
{
"name": "CVE-2022-50459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50459"
},
{
"name": "CVE-2023-53192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53192"
},
{
"name": "CVE-2022-50277",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50277"
},
{
"name": "CVE-2025-38714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38714"
},
{
"name": "CVE-2023-53251",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53251"
},
{
"name": "CVE-2023-53337",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53337"
},
{
"name": "CVE-2025-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38470"
},
{
"name": "CVE-2023-53380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53380"
},
{
"name": "CVE-2023-53452",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53452"
},
{
"name": "CVE-2022-50369",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50369"
},
{
"name": "CVE-2023-53153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53153"
}
],
"initial_release_date": "2025-10-24T00:00:00",
"last_revision_date": "2025-10-24T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0921",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03650-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503650-1"
},
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03636-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503636-1"
},
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03648-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503648-1"
},
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03652-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503652-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20253761-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253761-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3736-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253736-1"
},
{
"published_at": "2025-10-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3772-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253772-1"
},
{
"published_at": "2025-10-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03663-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503663-1"
},
{
"published_at": "2025-10-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03634-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503634-1"
},
{
"published_at": "2025-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3703-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253703-1"
},
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03643-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503643-1"
},
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03646-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503646-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3720-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253720-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3712-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253712-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3734-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253734-1"
},
{
"published_at": "2025-10-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03672-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503672-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3748-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253748-1"
},
{
"published_at": "2025-10-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3770-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253770-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3751-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253751-1"
},
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03638-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503638-1"
},
{
"published_at": "2025-10-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03628-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503628-1"
},
{
"published_at": "2025-10-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3679-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253679-1"
},
{
"published_at": "2025-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3704-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253704-1"
},
{
"published_at": "2025-10-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3684-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253684-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3733-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253733-1"
},
{
"published_at": "2025-10-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03671-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503671-1"
},
{
"published_at": "2025-10-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3675-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253675-1"
},
{
"published_at": "2025-10-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03664-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503664-1"
},
{
"published_at": "2025-10-17",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03633-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503633-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3755-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253755-1"
},
{
"published_at": "2025-10-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3683-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253683-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3716-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253716-1"
},
{
"published_at": "2025-10-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03653-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503653-1"
},
{
"published_at": "2025-10-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03666-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503666-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3725-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253725-1"
},
{
"published_at": "2025-10-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3771-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253771-1"
},
{
"published_at": "2025-10-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03656-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503656-1"
},
{
"published_at": "2025-10-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03662-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503662-1"
},
{
"published_at": "2025-10-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3705-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253705-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3764-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253764-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3721-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253721-1"
},
{
"published_at": "2025-10-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3768-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253768-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3717-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253717-1"
},
{
"published_at": "2025-10-24",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3769-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253769-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3740-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253740-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20253762-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253762-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3741-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253741-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3742-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253742-1"
},
{
"published_at": "2025-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3731-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253731-1"
},
{
"published_at": "2025-10-23",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:3765-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20253765-1"
}
]
}
CERTFR-2025-AVI-0841
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Real Time Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-38490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
},
{
"name": "CVE-2025-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38201"
},
{
"name": "CVE-2025-38520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38520"
},
{
"name": "CVE-2025-38588",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38588"
},
{
"name": "CVE-2025-38601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38601"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2025-38109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38109"
},
{
"name": "CVE-2025-38624",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38624"
},
{
"name": "CVE-2025-38323",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
},
{
"name": "CVE-2025-38208",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38208"
},
{
"name": "CVE-2023-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53117"
},
{
"name": "CVE-2025-38524",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38524"
},
{
"name": "CVE-2025-38646",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38646"
},
{
"name": "CVE-2025-38491",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
},
{
"name": "CVE-2025-38644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
},
{
"name": "CVE-2025-38563",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38563"
},
{
"name": "CVE-2025-38591",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38591"
},
{
"name": "CVE-2025-38609",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38609"
},
{
"name": "CVE-2025-38521",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38521"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2025-38571",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38571"
},
{
"name": "CVE-2024-26661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
},
{
"name": "CVE-2023-4130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4130"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2025-38538",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38538"
},
{
"name": "CVE-2024-58238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58238"
},
{
"name": "CVE-2025-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38565"
},
{
"name": "CVE-2025-38587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38587"
},
{
"name": "CVE-2025-38555",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38555"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2025-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21755"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2025-38634",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38634"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-38582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38582"
},
{
"name": "CVE-2025-38543",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38543"
},
{
"name": "CVE-2025-38511",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38511"
},
{
"name": "CVE-2025-38537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38537"
},
{
"name": "CVE-2025-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2025-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38632"
},
{
"name": "CVE-2025-38548",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38548"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-38670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
},
{
"name": "CVE-2025-38602",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2025-38568",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38568"
},
{
"name": "CVE-2025-38583",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38583"
},
{
"name": "CVE-2025-38499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2025-38656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38656"
},
{
"name": "CVE-2025-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38541"
},
{
"name": "CVE-2025-38530",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38530"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2025-38529",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38529"
},
{
"name": "CVE-2025-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38608"
},
{
"name": "CVE-2025-38650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38650"
},
{
"name": "CVE-2025-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38621"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2022-50116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50116"
},
{
"name": "CVE-2025-38528",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38528"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-38468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38468"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-38612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38612"
},
{
"name": "CVE-2025-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38566"
},
{
"name": "CVE-2025-38663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38663"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2025-38665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38665"
},
{
"name": "CVE-2025-38671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38671"
},
{
"name": "CVE-2025-38635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38635"
},
{
"name": "CVE-2023-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3867"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-38440",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38440"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-38510",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38510"
},
{
"name": "CVE-2025-38668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38668"
},
{
"name": "CVE-2025-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
},
{
"name": "CVE-2025-38506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38506"
},
{
"name": "CVE-2025-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38604"
},
{
"name": "CVE-2024-49996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49996"
},
{
"name": "CVE-2025-38006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38006"
},
{
"name": "CVE-2025-38125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2024-58239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58239"
},
{
"name": "CVE-2024-26808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
},
{
"name": "CVE-2025-38185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
},
{
"name": "CVE-2024-49860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49860"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-38605",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38605"
},
{
"name": "CVE-2025-38610",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38610"
},
{
"name": "CVE-2025-38560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38560"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-38581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38581"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2023-4515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4515"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38576"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2025-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38553"
},
{
"name": "CVE-2025-38190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
},
{
"name": "CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"name": "CVE-2025-38205",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38205"
},
{
"name": "CVE-2024-42265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42265"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-38531",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38531"
},
{
"name": "CVE-2025-38503",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38503"
},
{
"name": "CVE-2025-38630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38630"
},
{
"name": "CVE-2025-38585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38585"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2025-38360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38360"
},
{
"name": "CVE-2025-38512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38512"
},
{
"name": "CVE-2025-38572",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38572"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-38550",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38550"
},
{
"name": "CVE-2025-38535",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38535"
},
{
"name": "CVE-2024-53177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53177"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
}
],
"initial_release_date": "2025-10-03T00:00:00",
"last_revision_date": "2025-10-03T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0841",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03392-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503392-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03389-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503389-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03418-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503418-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03381-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503381-1"
},
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03396-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503396-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03416-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503416-1"
},
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03400-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503400-1"
},
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03393-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503393-1"
},
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03395-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503395-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03413-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503413-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03411-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503411-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03406-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503406-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03362-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503362-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03374-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503374-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03408-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503408-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03370-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503370-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03363-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503363-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03419-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503419-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03379-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503379-1"
},
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03403-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503403-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03412-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503412-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03375-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503375-1"
},
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03391-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503391-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03414-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503414-1"
},
{
"published_at": "2025-09-27",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03397-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503397-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03382-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503382-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03387-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503387-1"
},
{
"published_at": "2025-09-28",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03410-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503410-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03384-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503384-1"
},
{
"published_at": "2025-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:03383-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503383-1"
}
]
}
fkie_cve-2025-38490
Vulnerability from fkie_nvd
Published
2025-07-28 12:15
Modified
2025-07-29 14:14
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: libwx: remove duplicate page_pool_put_full_page()
page_pool_put_full_page() should only be invoked when freeing Rx buffers
or building a skb if the size is too short. At other times, the pages
need to be reused. So remove the redundant page put. In the original
code, double free pages cause kernel panic:
[ 876.949834] __irq_exit_rcu+0xc7/0x130
[ 876.949836] common_interrupt+0xb8/0xd0
[ 876.949838] </IRQ>
[ 876.949838] <TASK>
[ 876.949840] asm_common_interrupt+0x22/0x40
[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420
[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 <45> 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d
[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246
[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000
[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e
[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed
[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580
[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000
[ 876.949852] ? cpuidle_enter_state+0xb3/0x420
[ 876.949855] cpuidle_enter+0x29/0x40
[ 876.949857] cpuidle_idle_call+0xfd/0x170
[ 876.949859] do_idle+0x7a/0xc0
[ 876.949861] cpu_startup_entry+0x25/0x30
[ 876.949862] start_secondary+0x117/0x140
[ 876.949864] common_startup_64+0x13e/0x148
[ 876.949867] </TASK>
[ 876.949868] ---[ end trace 0000000000000000 ]---
[ 876.949869] ------------[ cut here ]------------
[ 876.949870] list_del corruption, ffffead40445a348->next is NULL
[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120
[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)
[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi
[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)
[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE
[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024
[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120
[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff <0f> 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8
[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282
[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000
[ 876.949942] RDX: 0000000000000105 RSI: 00000
---truncated---
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/003e4765d8661be97e650a833868c53d35574130 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/08d18bda0d03f5ec376929a8c6c4495f9594593a | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/1b7e585c04cd5f0731dd25ffd396277e55fae0e6 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/3c91a56762b1f0d1e4af2d86c2cba83b61ed9eaa |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: libwx: eliminar la p\u00e1gina duplicada page_pool_put_full_page(). page_pool_put_full_page() solo debe invocarse al liberar b\u00faferes Rx o al crear un skb si el tama\u00f1o es demasiado peque\u00f1o. En otros casos, es necesario reutilizar las p\u00e1ginas. Por lo tanto, se debe eliminar la p\u00e1gina redundante. En el c\u00f3digo original, las p\u00e1ginas doblemente libres provocan p\u00e1nico en el n\u00facleo:[ 876.949834] __irq_exit_rcu+0xc7/0x130 [ 876.949836] common_interrupt+0xb8/0xd0 [ 876.949838] [ 876.949838] [ 876.949840] asm_common_interrupt+0x22/0x40 [ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420 [ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u0026lt;45\u0026gt; 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d [ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246 [ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000 [ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e [ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed [ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580 [ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000 [ 876.949852] ? cpuidle_enter_state+0xb3/0x420 [ 876.949855] cpuidle_enter+0x29/0x40 [ 876.949857] cpuidle_idle_call+0xfd/0x170 [ 876.949859] do_idle+0x7a/0xc0 [ 876.949861] cpu_startup_entry+0x25/0x30 [ 876.949862] start_secondary+0x117/0x140 [ 876.949864] common_startup_64+0x13e/0x148 [ 876.949867] [ 876.949868] ---[ end trace 0000000000000000 ]--- [ 876.949869] ------------[ cut here ]------------ [ 876.949870] list_del corruption, ffffead40445a348-\u0026gt;next is NULL [ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120 [ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E) [ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi [ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary) [ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE [ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024 [ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120 [ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u0026lt;0f\u0026gt; 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8 [ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282 [ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000 [ 876.949942] RDX: 0000000000000105 RSI: 00000 ---truncated---"
}
],
"id": "CVE-2025-38490",
"lastModified": "2025-07-29T14:14:29.590",
"metrics": {},
"published": "2025-07-28T12:15:31.113",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/003e4765d8661be97e650a833868c53d35574130"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/08d18bda0d03f5ec376929a8c6c4495f9594593a"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/1b7e585c04cd5f0731dd25ffd396277e55fae0e6"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/3c91a56762b1f0d1e4af2d86c2cba83b61ed9eaa"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
msrc_cve-2025-38490
Vulnerability from csaf_microsoft
Published
2025-07-02 00:00
Modified
2025-09-04 01:00
Summary
net: libwx: remove duplicate page_pool_put_full_page()
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-38490 net: libwx: remove duplicate page_pool_put_full_page() - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-38490.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "net: libwx: remove duplicate page_pool_put_full_page()",
"tracking": {
"current_release_date": "2025-09-04T01:00:10.000Z",
"generator": {
"date": "2025-10-20T03:36:12.204Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-38490",
"initial_release_date": "2025-07-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-09-04T01:00:10.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "azl3 kernel 6.6.96.1-1",
"product": {
"name": "azl3 kernel 6.6.96.1-1",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 6.6.96.1-1 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-38490",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "Linux",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-38490 net: libwx: remove duplicate page_pool_put_full_page() - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-38490.json"
}
],
"title": "net: libwx: remove duplicate page_pool_put_full_page()"
}
]
}
ghsa-88q8-28j6-6qvj
Vulnerability from github
Published
2025-07-28 12:30
Modified
2025-07-28 12:30
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
net: libwx: remove duplicate page_pool_put_full_page()
page_pool_put_full_page() should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant page put. In the original code, double free pages cause kernel panic:
[ 876.949834] __irq_exit_rcu+0xc7/0x130 [ 876.949836] common_interrupt+0xb8/0xd0 [ 876.949838] [ 876.949838] [ 876.949840] asm_common_interrupt+0x22/0x40 [ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420 [ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 <45> 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d [ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246 [ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000 [ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e [ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed [ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580 [ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000 [ 876.949852] ? cpuidle_enter_state+0xb3/0x420 [ 876.949855] cpuidle_enter+0x29/0x40 [ 876.949857] cpuidle_idle_call+0xfd/0x170 [ 876.949859] do_idle+0x7a/0xc0 [ 876.949861] cpu_startup_entry+0x25/0x30 [ 876.949862] start_secondary+0x117/0x140 [ 876.949864] common_startup_64+0x13e/0x148 [ 876.949867] [ 876.949868] ---[ end trace 0000000000000000 ]--- [ 876.949869] ------------[ cut here ]------------ [ 876.949870] list_del corruption, ffffead40445a348->next is NULL [ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120 [ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E) [ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi [ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary) [ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE [ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024 [ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120 [ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff <0f> 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8 [ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282 [ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000 [ 876.949942] RDX: 0000000000000105 RSI: 00000 ---truncated---
{
"affected": [],
"aliases": [
"CVE-2025-38490"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-28T12:15:31Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: remove duplicate page_pool_put_full_page()\n\npage_pool_put_full_page() should only be invoked when freeing Rx buffers\nor building a skb if the size is too short. At other times, the pages\nneed to be reused. So remove the redundant page put. In the original\ncode, double free pages cause kernel panic:\n\n[ 876.949834] __irq_exit_rcu+0xc7/0x130\n[ 876.949836] common_interrupt+0xb8/0xd0\n[ 876.949838] \u003c/IRQ\u003e\n[ 876.949838] \u003cTASK\u003e\n[ 876.949840] asm_common_interrupt+0x22/0x40\n[ 876.949841] RIP: 0010:cpuidle_enter_state+0xc2/0x420\n[ 876.949843] Code: 00 00 e8 d1 1d 5e ff e8 ac f0 ff ff 49 89 c5 0f 1f 44 00 00 31 ff e8 cd fc 5c ff 45 84 ff 0f 85 40 02 00 00 fb 0f 1f 44 00 00 \u003c45\u003e 85 f6 0f 88 84 01 00 00 49 63 d6 48 8d 04 52 48 8d 04 82 49 8d\n[ 876.949844] RSP: 0018:ffffaa7340267e78 EFLAGS: 00000246\n[ 876.949845] RAX: ffff9e3f135be000 RBX: 0000000000000002 RCX: 0000000000000000\n[ 876.949846] RDX: 000000cc2dc4cb7c RSI: ffffffff89ee49ae RDI: ffffffff89ef9f9e\n[ 876.949847] RBP: ffff9e378f940800 R08: 0000000000000002 R09: 00000000000000ed\n[ 876.949848] R10: 000000000000afc8 R11: ffff9e3e9e5a9b6c R12: ffffffff8a6d8580\n[ 876.949849] R13: 000000cc2dc4cb7c R14: 0000000000000002 R15: 0000000000000000\n[ 876.949852] ? cpuidle_enter_state+0xb3/0x420\n[ 876.949855] cpuidle_enter+0x29/0x40\n[ 876.949857] cpuidle_idle_call+0xfd/0x170\n[ 876.949859] do_idle+0x7a/0xc0\n[ 876.949861] cpu_startup_entry+0x25/0x30\n[ 876.949862] start_secondary+0x117/0x140\n[ 876.949864] common_startup_64+0x13e/0x148\n[ 876.949867] \u003c/TASK\u003e\n[ 876.949868] ---[ end trace 0000000000000000 ]---\n[ 876.949869] ------------[ cut here ]------------\n[ 876.949870] list_del corruption, ffffead40445a348-\u003enext is NULL\n[ 876.949873] WARNING: CPU: 14 PID: 0 at lib/list_debug.c:52 __list_del_entry_valid_or_report+0x67/0x120\n[ 876.949875] Modules linked in: snd_hrtimer(E) bnep(E) binfmt_misc(E) amdgpu(E) squashfs(E) vfat(E) loop(E) fat(E) amd_atl(E) snd_hda_codec_realtek(E) intel_rapl_msr(E) snd_hda_codec_generic(E) intel_rapl_common(E) snd_hda_scodec_component(E) snd_hda_codec_hdmi(E) snd_hda_intel(E) edac_mce_amd(E) snd_intel_dspcfg(E) snd_hda_codec(E) snd_hda_core(E) amdxcp(E) kvm_amd(E) snd_hwdep(E) gpu_sched(E) drm_panel_backlight_quirks(E) cec(E) snd_pcm(E) drm_buddy(E) snd_seq_dummy(E) drm_ttm_helper(E) btusb(E) kvm(E) snd_seq_oss(E) btrtl(E) ttm(E) btintel(E) snd_seq_midi(E) btbcm(E) drm_exec(E) snd_seq_midi_event(E) i2c_algo_bit(E) snd_rawmidi(E) bluetooth(E) drm_suballoc_helper(E) irqbypass(E) snd_seq(E) ghash_clmulni_intel(E) sha512_ssse3(E) drm_display_helper(E) aesni_intel(E) snd_seq_device(E) rfkill(E) snd_timer(E) gf128mul(E) drm_client_lib(E) drm_kms_helper(E) snd(E) i2c_piix4(E) joydev(E) soundcore(E) wmi_bmof(E) ccp(E) k10temp(E) i2c_smbus(E) gpio_amdpt(E) i2c_designware_platform(E) gpio_generic(E) sg(E)\n[ 876.949914] i2c_designware_core(E) sch_fq_codel(E) parport_pc(E) drm(E) ppdev(E) lp(E) parport(E) fuse(E) nfnetlink(E) ip_tables(E) ext4 crc16 mbcache jbd2 sd_mod sfp mdio_i2c i2c_core txgbe ahci ngbe pcs_xpcs libahci libwx r8169 phylink libata realtek ptp pps_core video wmi\n[ 876.949933] CPU: 14 UID: 0 PID: 0 Comm: swapper/14 Kdump: loaded Tainted: G W E 6.16.0-rc2+ #20 PREEMPT(voluntary)\n[ 876.949935] Tainted: [W]=WARN, [E]=UNSIGNED_MODULE\n[ 876.949936] Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING PLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n[ 876.949936] RIP: 0010:__list_del_entry_valid_or_report+0x67/0x120\n[ 876.949938] Code: 00 00 00 48 39 7d 08 0f 85 a6 00 00 00 5b b8 01 00 00 00 5d 41 5c e9 73 0d 93 ff 48 89 fe 48 c7 c7 a0 31 e8 89 e8 59 7c b3 ff \u003c0f\u003e 0b 31 c0 5b 5d 41 5c e9 57 0d 93 ff 48 89 fe 48 c7 c7 c8 31 e8\n[ 876.949940] RSP: 0018:ffffaa73405d0c60 EFLAGS: 00010282\n[ 876.949941] RAX: 0000000000000000 RBX: ffffead40445a348 RCX: 0000000000000000\n[ 876.949942] RDX: 0000000000000105 RSI: 00000\n---truncated---",
"id": "GHSA-88q8-28j6-6qvj",
"modified": "2025-07-28T12:30:36Z",
"published": "2025-07-28T12:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38490"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/003e4765d8661be97e650a833868c53d35574130"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/08d18bda0d03f5ec376929a8c6c4495f9594593a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1b7e585c04cd5f0731dd25ffd396277e55fae0e6"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3c91a56762b1f0d1e4af2d86c2cba83b61ed9eaa"
}
],
"schema_version": "1.4.0",
"severity": []
}
wid-sec-w-2025-1665
Vulnerability from csaf_certbund
Published
2025-07-28 22:00
Modified
2025-10-23 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder andere nicht spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder andere nicht spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1665 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1665.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1665 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1665"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38468",
"url": "https://lore.kernel.org/linux-cve-announce/2025072834-CVE-2025-38468-4110@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38469",
"url": "https://lore.kernel.org/linux-cve-announce/2025072811-CVE-2025-38469-4e11@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38470",
"url": "https://lore.kernel.org/linux-cve-announce/2025072811-CVE-2025-38470-a4d4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38471",
"url": "https://lore.kernel.org/linux-cve-announce/2025072812-CVE-2025-38471-ca92@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38472",
"url": "https://lore.kernel.org/linux-cve-announce/2025072812-CVE-2025-38472-fa6d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38473",
"url": "https://lore.kernel.org/linux-cve-announce/2025072812-CVE-2025-38473-e8bb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38474",
"url": "https://lore.kernel.org/linux-cve-announce/2025072812-CVE-2025-38474-0663@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38475",
"url": "https://lore.kernel.org/linux-cve-announce/2025072813-CVE-2025-38475-deb5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38476",
"url": "https://lore.kernel.org/linux-cve-announce/2025072813-CVE-2025-38476-ab35@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38477",
"url": "https://lore.kernel.org/linux-cve-announce/2025072813-CVE-2025-38477-8b42@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38478",
"url": "https://lore.kernel.org/linux-cve-announce/2025072814-CVE-2025-38478-298f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38480",
"url": "https://lore.kernel.org/linux-cve-announce/2025072814-CVE-2025-38480-d8ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38481",
"url": "https://lore.kernel.org/linux-cve-announce/2025072814-CVE-2025-38481-1476@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38482",
"url": "https://lore.kernel.org/linux-cve-announce/2025072814-CVE-2025-38482-f4ed@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38483",
"url": "https://lore.kernel.org/linux-cve-announce/2025072815-CVE-2025-38483-ab88@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38484",
"url": "https://lore.kernel.org/linux-cve-announce/2025072815-CVE-2025-38484-4faf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38485",
"url": "https://lore.kernel.org/linux-cve-announce/2025072815-CVE-2025-38485-3cec@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38486",
"url": "https://lore.kernel.org/linux-cve-announce/2025072815-CVE-2025-38486-e3f6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38487",
"url": "https://lore.kernel.org/linux-cve-announce/2025072816-CVE-2025-38487-1ffa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38488",
"url": "https://lore.kernel.org/linux-cve-announce/2025072816-CVE-2025-38488-7f36@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38489",
"url": "https://lore.kernel.org/linux-cve-announce/2025072816-CVE-2025-38489-0fd7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38490",
"url": "https://lore.kernel.org/linux-cve-announce/2025072816-CVE-2025-38490-7528@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38491",
"url": "https://lore.kernel.org/linux-cve-announce/2025072817-CVE-2025-38491-859c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38492",
"url": "https://lore.kernel.org/linux-cve-announce/2025072817-CVE-2025-38492-d59e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38493",
"url": "https://lore.kernel.org/linux-cve-announce/2025072817-CVE-2025-38493-32f7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38494",
"url": "https://lore.kernel.org/linux-cve-announce/2025072818-CVE-2025-38494-63e4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38495",
"url": "https://lore.kernel.org/linux-cve-announce/2025072818-CVE-2025-38495-3b28@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38496",
"url": "https://lore.kernel.org/linux-cve-announce/2025072818-CVE-2025-38496-4301@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-38497",
"url": "https://lore.kernel.org/linux-cve-announce/2025072818-CVE-2025-38497-b5c7@gregkh/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7686-1 vom 2025-08-05",
"url": "https://ubuntu.com/security/notices/USN-7686-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5973 vom 2025-08-12",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00137.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5975 vom 2025-08-13",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00139.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13962 vom 2025-08-18",
"url": "https://access.redhat.com/errata/RHSA-2025:13962"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02823-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022188.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02830-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022186.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02834-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022183.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02827-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022187.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02833-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022184.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02832-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022185.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02820-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022190.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02821-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022189.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02852-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022201.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02846-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022192.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02849-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022204.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14009 vom 2025-08-18",
"url": "https://access.redhat.com/errata/RHSA-2025:14009"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14005 vom 2025-08-18",
"url": "https://access.redhat.com/errata/RHSA-2025:14005"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02850-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022203.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02851-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022202.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02848-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022193.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02853-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022200.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02854-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022199.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14003 vom 2025-08-18",
"url": "https://access.redhat.com/errata/RHSA-2025:14003"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02857-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022198.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02858-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022197.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02859-1 vom 2025-08-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LD4YB6F7MNGQGQU73AT5B2DURSYKBLRI/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02878-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022207.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02860-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022212.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02884-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022205.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02875-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022211.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02871-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022210.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02876-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022208.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02873-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022209.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02883-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022206.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14082 vom 2025-08-19",
"url": "https://access.redhat.com/errata/RHSA-2025:14082"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02897-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022217.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02909-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022224.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02911-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022223.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02922-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022235.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02917-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022222.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02918-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022221.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02894-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022219.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02908-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022218.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02902-1 vom 2025-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022216.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02923-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022237.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-13962 vom 2025-08-20",
"url": "https://linux.oracle.com/errata/ELSA-2025-13962.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02930-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022240.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02926-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022238.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02932-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022241.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02933-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022243.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02934-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022242.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02942-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022247.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02936-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022250.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02944-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022245.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02945-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022244.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02937-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022249.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02955-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022252.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02938-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022248.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02943-1 vom 2025-08-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022246.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-14009 vom 2025-08-22",
"url": "https://linux.oracle.com/errata/ELSA-2025-14009.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02969-1 vom 2025-08-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022259.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14497 vom 2025-08-25",
"url": "https://access.redhat.com/errata/RHSA-2025:14497"
},
{
"category": "external",
"summary": "Google Cloud Platform Security Bulletin GCP-2025-046 vom 2025-08-25",
"url": "https://cloud.google.com/support/bulletins#gcp-2025-046"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14599 vom 2025-08-26",
"url": "https://access.redhat.com/errata/RHSA-2025:14599"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14811 vom 2025-08-28",
"url": "https://access.redhat.com/errata/RHSA-2025:14811"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02997-1 vom 2025-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022283.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02996-1 vom 2025-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022291.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20586-1 vom 2025-08-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022295.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20577-1 vom 2025-08-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022304.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03011-1 vom 2025-08-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022327.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20602-1 vom 2025-08-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022362.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20601-1 vom 2025-08-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022363.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03023-1 vom 2025-08-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022329.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15008 vom 2025-09-02",
"url": "https://access.redhat.com/errata/RHSA-2025:15008"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15005 vom 2025-09-02",
"url": "https://access.redhat.com/errata/RHSA-2025:15005"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7712-2 vom 2025-09-02",
"url": "https://ubuntu.com/security/notices/USN-7712-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-15008 vom 2025-09-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-15008.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-15005 vom 2025-09-05",
"url": "http://linux.oracle.com/errata/ELSA-2025-15005.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20551 vom 2025-09-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-20551.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20638-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022436.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20653-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022432.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20639-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022439.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20648-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022431.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20669-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022482.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20678-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022475.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20677-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022474.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20676-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022473.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20679-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022472.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20680-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022471.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20681-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022470.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20684-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022469.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20682-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022468.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20685-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022467.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20687-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022465.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20688-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022464.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20690-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022463.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20686-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022466.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20689-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022462.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20635-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022447.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20636-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022446.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20641-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022445.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20637-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022444.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20633-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022443.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20640-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022442.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20642-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022441.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20644-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022440.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20647-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022433.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20645-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022434.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20643-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022435.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20646-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022437.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20634-1 vom 2025-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022438.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03204-1 vom 2025-09-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022522.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-104 vom 2025-09-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-104.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-109 vom 2025-09-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-109.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3001 vom 2025-09-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3001.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20713-1 vom 2025-09-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022559.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03272-1 vom 2025-09-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022589.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03290-1 vom 2025-09-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022602.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6009 vom 2025-09-23",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00173.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20609 vom 2025-09-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-20609.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03310-1 vom 2025-09-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022610.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03301-1 vom 2025-09-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022605.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20632 vom 2025-09-25",
"url": "https://linux.oracle.com/errata/ELSA-2025-20632.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03344-1 vom 2025-09-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GKXOSPRZJUZDU6VCQLCJK56ZS5CAS3IE/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03382-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022721.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03384-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022723.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20756-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022703.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20781-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022662.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:16880 vom 2025-09-29",
"url": "https://access.redhat.com/errata/RHSA-2025:16880"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20739-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022711.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-16880 vom 2025-09-30",
"url": "https://linux.oracle.com/errata/ELSA-2025-16880.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17009 vom 2025-09-30",
"url": "https://access.redhat.com/errata/RHSA-2025:17009"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20645 vom 2025-09-30",
"url": "http://linux.oracle.com/errata/ELSA-2025-20645.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17124 vom 2025-10-01",
"url": "https://access.redhat.com/errata/RHSA-2025:17124"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17123 vom 2025-10-01",
"url": "https://access.redhat.com/errata/RHSA-2025:17123"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17109 vom 2025-09-30",
"url": "https://access.redhat.com/errata/RHSA-2025:17109"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17122 vom 2025-10-01",
"url": "https://access.redhat.com/errata/RHSA-2025:17122"
},
{
"category": "external",
"summary": "Dell Security Update vom 2025-10-02",
"url": "https://www.dell.com/support/kbdoc/000376224"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7791-1 vom 2025-10-01",
"url": "https://ubuntu.com/security/notices/USN-7791-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7792-1 vom 2025-10-01",
"url": "https://ubuntu.com/security/notices/USN-7792-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7793-1 vom 2025-10-01",
"url": "https://ubuntu.com/security/notices/USN-7793-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17161 vom 2025-10-01",
"url": "https://access.redhat.com/errata/RHSA-2025:17161"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7791-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7791-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17241 vom 2025-10-02",
"url": "https://access.redhat.com/errata/RHSA-2025:17241"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7793-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7793-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7795-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7793-3 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7793-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7792-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7792-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7801-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7801-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-3 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7799-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7799-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7793-4 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7793-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7800-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7800-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7791-3 vom 2025-10-06",
"url": "https://ubuntu.com/security/notices/USN-7791-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7801-2 vom 2025-10-06",
"url": "https://ubuntu.com/security/notices/USN-7801-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03480-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022785.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03472-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022780.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03476-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022777.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03475-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022778.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03473-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022779.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03470-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022781.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03469-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022782.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03468-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022783.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03479-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022784.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03465-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022774.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7792-3 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7792-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7808-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7808-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7793-5 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7793-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7809-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7809-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03485-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022786.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03483-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022787.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03482-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022788.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7810-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7810-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7811-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7811-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-3 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7795-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03495-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022793.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03494-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022794.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03497-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022792.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice LSN-0115-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/LSN-0115-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03498-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022791.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03496-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022795.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03504-1 vom 2025-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SECAEAK6WEIFWFKCJTBA2HF5JSEVDUS4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03503-1 vom 2025-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JUWAQTIC7XPSFOY6GTF6ZLAS2JNMHEKU/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:16880 vom 2025-10-10",
"url": "https://errata.build.resf.org/RLSA-2025:16880"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03514-1 vom 2025-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XAWB2PO5O6CBDV27R7BVVXL54MXG5ST5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03515-1 vom 2025-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WZMAWGSTVLDAWJ5BFWVU5QNELQPOARF5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03529-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022817.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03539-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022824.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03528-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022818.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03538-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022825.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03557-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022848.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03543-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MC656OYGPRT7D2WOKGTVHYQVKRPDOF2M/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03553-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVXXSG7PIJG7HTJMMXDXUMVAAMRTWXFG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03551-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q32AAYIZHLE3LIPP3Z4RDEWKSNSLNSPT/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03548-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SOZC4LP2VEWOVXCP5X7JSFTFZEWXQE6H/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03554-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TH3AMQOQLP3DYM2S52DBRVQOATOXEZ4A/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03561-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EDKZECBROYLID7RUOUM6MR5E56GQ5YXO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03572-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/H42ZUMCQNM6SECA64UGAIN5EO4ZQWQEC/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03541-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XKOOHT7ZFB34FTK3MBV76ZBHNFB6V36H/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03550-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XDVJVXSYE6RDJE6PIFLUMFB5AKNRMVBB/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03562-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZI3AKM7E7S47J3CNR6BEEUR3FG2MK7N2/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03583-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AB4IURMPH2RSCVO4LUVSAHXMK4VQMQOA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03559-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPHXJO5EMVRKXZC5ZXKEJXDYNB4RJTVU/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03578-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JE73VH4T37L5F3VWVHXRSVC6UFH7VY2G/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03555-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QIU2ENCHZ6TGXFRZ6RCIDKC37OKELKRV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03563-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EC4PXMLKKMVMYAUI5S3O2XUOAVVXC2CO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03580-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S6S2ABU6DFOD2DPFHPKIDP3QVGRAYOKO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03577-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022835.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03576-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022836.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03575-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022837.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03571-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022839.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03569-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022840.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03568-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022841.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03567-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022842.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03566-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022843.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03552-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ASE45FGX2RMM2GBDZF272V6E2AUS53WZ/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4327 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4328 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20663 vom 2025-10-13",
"url": "https://linux.oracle.com/errata/ELSA-2025-20663.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-4 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7796-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7819-1 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7819-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7820-1 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7820-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20806-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022878.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20807-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022877.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20808-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022876.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20809-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022875.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20810-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022874.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20812-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022872.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20811-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022873.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20813-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022871.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20814-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022870.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20815-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022869.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20816-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022868.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20817-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022867.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20818-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022866.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20819-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022865.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20820-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022864.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20830-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022895.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7808-2 vom 2025-10-14",
"url": "https://ubuntu.com/security/notices/USN-7808-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7821-1 vom 2025-10-14",
"url": "https://ubuntu.com/security/notices/USN-7821-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7810-3 vom 2025-10-14",
"url": "https://ubuntu.com/security/notices/USN-7810-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7810-2 vom 2025-10-14",
"url": "https://ubuntu.com/security/notices/USN-7810-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7791-4 vom 2025-10-14",
"url": "https://ubuntu.com/security/notices/USN-7791-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20832-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022893.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20831-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022894.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20829-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022896.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20826-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022899.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20841-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022884.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20828-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022897.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20827-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022898.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20842-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022883.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20840-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022885.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20839-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022886.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20838-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022887.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20837-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022888.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20833-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022892.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20834-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022891.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20836-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022889.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20835-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022890.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20716 vom 2025-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2025-20716.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03615-1 vom 2025-10-16",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BVPLWRQN6MVKFQDJSEKN2JP6PMSGIO4Q/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03601-1 vom 2025-10-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022903.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7801-3 vom 2025-10-15",
"url": "https://ubuntu.com/security/notices/USN-7801-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03602-1 vom 2025-10-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022908.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03600-1 vom 2025-10-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VHWHH7ZSMFJ6PQZ3CBDGGCWHNBCWD26Z/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03613-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022915.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03614-1 vom 2025-10-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022911.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03626-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Z3DYHRRLY43MYRNEEU5SFR4ZRMSPITED/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03633-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022926.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03628-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O6BEPQBC4GULLYP5G3VVU4ZS37B7I6EV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03634-1 vom 2025-10-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022925.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03646-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022939.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03650-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022941.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03638-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022942.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03636-1 vom 2025-10-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022943.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17161 vom 2025-10-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-17161.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7819-2 vom 2025-10-22",
"url": "https://ubuntu.com/security/notices/USN-7819-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3716-1 vom 2025-10-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022962.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3742-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V7WMM33D7UTTQM25T2XCVZHFJKIMM3TO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3742-1 vom 2025-10-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022975.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3764-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SP6KY7ONJTFGDWCHVV7CO7D4KUEJ27DA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3765-1 vom 2025-10-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022991.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3751-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NMB6RXALFYMRMM4UK7R54RAQRCZJEBH4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3761-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MLTPAKCOQABZPEY7O35CI42PHK5WNIUQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3762-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/L5PU3QBFUI54V4YM7FX4AIWKDVDLIFMV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3755-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZFR7CE7W5U4CT7EDERPCHLWSGEIHWJLA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:3748-1 vom 2025-10-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BYXC2NBEEGHSFXWCA3DVT5LVZMZ5RRNP/"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-23T22:00:00.000+00:00",
"generator": {
"date": "2025-10-24T08:35:17.871+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1665",
"initial_release_date": "2025-07-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-05T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-08-13T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-08-17T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-20T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-21T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-25T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat und Google aufgenommen"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-31T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-01T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-02T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-03T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-09-04T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-09-08T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-09-10T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-09-17T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-18T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-22T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von SUSE und Debian aufgenommen"
},
{
"date": "2025-09-23T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-24T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2025-09-28T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-09-30T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Dell, Ubuntu und Red Hat aufgenommen"
},
{
"date": "2025-10-05T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-07T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-08T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2025-10-09T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und SUSE aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Oracle Linux und Ubuntu aufgenommen"
},
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2025-10-16T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-19T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-20T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-22T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "46"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.4.0.0",
"product_id": "T045879"
}
},
{
"category": "product_version",
"name": "8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.4.0.0",
"product_id": "T045879-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.4.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.70",
"product_id": "T045881"
}
},
{
"category": "product_version",
"name": "7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.70",
"product_id": "T045881-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.70"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.40",
"product_id": "T047343"
}
},
{
"category": "product_version",
"name": "7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.40",
"product_id": "T047343-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.3.1.10",
"product_id": "T047344"
}
},
{
"category": "product_version",
"name": "8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain 8.3.1.10",
"product_id": "T047344-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.3.1.10"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Container-Optimized OS",
"product": {
"name": "Google Container-Optimized OS",
"product_id": "1607324",
"product_identification_helper": {
"cpe": "cpe:/o:google:container-optimized_os:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T046484",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-50047",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2024-50047"
},
{
"cve": "CVE-2025-38468",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38468"
},
{
"cve": "CVE-2025-38469",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38469"
},
{
"cve": "CVE-2025-38470",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38470"
},
{
"cve": "CVE-2025-38471",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38471"
},
{
"cve": "CVE-2025-38472",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38472"
},
{
"cve": "CVE-2025-38473",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38473"
},
{
"cve": "CVE-2025-38474",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38474"
},
{
"cve": "CVE-2025-38475",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38475"
},
{
"cve": "CVE-2025-38476",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-38477",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38477"
},
{
"cve": "CVE-2025-38478",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38478"
},
{
"cve": "CVE-2025-38480",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38480"
},
{
"cve": "CVE-2025-38481",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38481"
},
{
"cve": "CVE-2025-38482",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38482"
},
{
"cve": "CVE-2025-38483",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38483"
},
{
"cve": "CVE-2025-38484",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38484"
},
{
"cve": "CVE-2025-38485",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38485"
},
{
"cve": "CVE-2025-38486",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38486"
},
{
"cve": "CVE-2025-38487",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38487"
},
{
"cve": "CVE-2025-38488",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38488"
},
{
"cve": "CVE-2025-38489",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38489"
},
{
"cve": "CVE-2025-38490",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38490"
},
{
"cve": "CVE-2025-38491",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38491"
},
{
"cve": "CVE-2025-38492",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38492"
},
{
"cve": "CVE-2025-38493",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38493"
},
{
"cve": "CVE-2025-38494",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38494"
},
{
"cve": "CVE-2025-38495",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38495"
},
{
"cve": "CVE-2025-38496",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38496"
},
{
"cve": "CVE-2025-38497",
"product_status": {
"known_affected": [
"67646",
"T004914",
"T032255",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"1607324",
"T045881",
"T047344"
]
},
"release_date": "2025-07-28T22:00:00.000+00:00",
"title": "CVE-2025-38497"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…